Metasploit mailing list archives
Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability
From: w3bd3vil at gmail.com (webDEViL)
Date: Mon, 23 Feb 2009 00:18:33 +0530
Copy and paste without understanding is a bad habit! ;) Trojan.Pidief.E Anyhow, since the attacks, as said in some articles, were targetted it should not be easy getting hold of the trojan itself. Moreover, it wouldnt solve the problem that I had mentioned. On Sun, Feb 22, 2009 at 8:55 PM, Aczire <aczire at gmail.com> wrote:
Any way to intercept this one? Trojab.Pidief.E, by Symantec. If so it'd be easier to. ------------------------------ *From:* webDEViL [mailto:w3bd3vil at gmail.com] *Sent:* Sunday, February 22, 2009 8:22 PM *To:* Aczire *Cc:* H D Moore; framework at spool.metasploit.com *Subject:* Re: [framework] Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability I was looking into this. Just made a pdf which imitates the crash. Problem with the JBIG2 as the blog metnions. I am attaching the pdf, i.e. if the list lets it through. Should cause a crash on most of pdf readers whether linux/windows. I was stuck with the part where I tried some shellcode execution with JS, but since this is 0day acrobat crashes. Regards, webDEViL On Sun, Feb 22, 2009 at 7:44 PM, Aczire <aczire at gmail.com> wrote: Hi list, http://www.securityfocus.com/bid/33751 http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-love.html Any attempt to write an exploit for this one? Or any msf exploit in wild? Regards, acz _______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090223/b952553f/attachment.htm>
Current thread:
- msfencode wullie19 at ntlworld.com (Feb 20)
- msfencode H D Moore (Feb 20)
- Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability Aczire (Feb 22)
- Message not available
- Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability Aczire (Feb 22)
- Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability webDEViL (Feb 22)
- Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability Aczire (Feb 22)
- Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability jeffs (Feb 23)
- msfencode H D Moore (Feb 20)
- msfencode jeffs (Feb 22)
- msfencode Patrick Webster (Feb 22)