Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 0-day PDF exploit

From: "cocoruder ." <frankruder () hotmail com>
Date: Wed, 17 Oct 2007 01:38:40 +0000
Why everybody said it is a zero day about PDF? it's just a fault in IE7, or just want to make a big media hit? real PDF zero day will exists in the PDF's file format, or some Adobe's expanded functions. 


welcome to my blog:
http://ruder.cdut.net






From: biz4rre () gmail com
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] 0-day PDF exploit
Date: Tue, 16 Oct 2007 15:00:14 +0300

Zero day PDF exploit for Adobe Acrobat


Link to exploit:

Please download and open it locally in Adobe Acrobat (not in Adobe Acrobat
ActiveX control):

http://security.fedora-hosting.com/0day/pdf/pdf_poc.pdf


Description:

0-day proof of concept (PoC) exploit for Adobe Acrobat.


Software affected:

+ Adobe Reader 8.1 (and earlier)
+ Adobe Acrobat Standard, Pro and Elements 8.1 (and earlier)
+ Adobe Acrobat 3D


System affected:

+ Windows XP with IE7


Details:

To view exploit code in Adobe Acrobat go to: Pages -> Page Properties ->
Actions
(trigger: Page Open, action: Open a web link)

This is URL handling bug in shell32!ShellExecute()


Workaround:

Currently unavailable.


Thanks to:

pdp (at) gnucitizen.org for his investigation


regards,
cyanid-E <biz4rre () gmail com>




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_________________________________________________________________
享用世界上最大的电子邮件系统― MSN Hotmail。 http://www.hotmail.com 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: