Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability

[w3bd3vil at gmail.com (webDEViL)]

Copy and paste without understanding is a bad habit! ;)
Trojan.Pidief.E

Anyhow, since the attacks, as said in some articles, were targetted it
should not be easy getting hold of the trojan itself. Moreover, it wouldnt
solve the problem that I had mentioned.


On Sun, Feb 22, 2009 at 8:55 PM, Aczire <aczire at gmail.com> wrote:

>  Any way to intercept this one?
>
>
>
> Trojab.Pidief.E, by Symantec.
>
>
>
> If so it'd be easier to.
>
>
>  ------------------------------
>
> *From:* webDEViL [mailto:w3bd3vil at gmail.com]
> *Sent:* Sunday, February 22, 2009 8:22 PM
> *To:* Aczire
> *Cc:* H D Moore; framework at spool.metasploit.com
> *Subject:* Re: [framework] Adobe Acrobat and Reader PDF File Handling
> Remote Code Execution Vulnerability
>
>
>
> I was looking into this.
> Just made a pdf which imitates the crash. Problem with the JBIG2 as the
> blog metnions.
> I am attaching the pdf, i.e. if the list lets it through. Should cause a
> crash on most of pdf readers whether linux/windows.
>
> I was stuck with the part where I tried some shellcode execution with JS,
> but since this is 0day acrobat crashes.
>
>
> Regards,
> webDEViL
>
>
>  On Sun, Feb 22, 2009 at 7:44 PM, Aczire <aczire at gmail.com> wrote:
>
> Hi list,
> http://www.securityfocus.com/bid/33751
> http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-love.html
>
> Any attempt to write an exploit for this one? Or any msf exploit in wild?
>
> Regards,
> acz
>
> _______________________________________________
> http://spool.metasploit.com/mailman/listinfo/framework
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090223/b952553f/attachment.htm>