Text only | Text with Images

Clan x86

Technical (Development, Security, etc.) => General Security Information => Topic started by: Newby on September 15, 2006, 08:12:01 PM

Title: PDF exploits!
Post by: Newby on September 15, 2006, 08:12:01 PM
http://www.eweek.com/article2/0,1895,2016606,00.asp
Title: Re: PDF exploits!
Post by: Sidoh on September 15, 2006, 08:38:11 PM
Interesting!

However, I'm (personally) rarely confronted with the need to open a PDF from a source I'm not familiar with or don't trust.  I realize that there are ways to emulate a widely trusted source, but it would seem that there are more useful exploits that would take advantage of this.

I wonder how Adobe will deal with it.
Title: Re: PDF exploits!
Post by: Nate on September 15, 2006, 10:39:33 PM
they are PDF reader exploits not PDF exploits.  It would be nice if it said which readers too.
Title: Re: PDF exploits!
Post by: Newby on September 15, 2006, 10:45:59 PM
The Adobe Acrobat programs are affected.

And the exploits are found in the PDF files themselves, so I guess technically they could be "PDF exploits" ;).
Title: Re: PDF exploits!
Post by: Sidoh on September 15, 2006, 10:54:09 PM
Plus, it's pretty safe to assume that they mean Adobe applications.  It's like questioning which application is in question in a ".doc exploitation."
Title: Re: PDF exploits!
Post by: Quik on September 16, 2006, 01:02:03 AM
The question is, however, if these exploits work on other PDF reading applications. The first one should, at least. As long as the reader takes full advantage of all the features of PDF files.
Title: Re: PDF exploits!
Post by: Newby on September 16, 2006, 01:02:18 AM
Not all of them.
Text only | Text with Images