|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-disclosure] odd Adobe Acrobat thing...
From: Morning Wood (se_cur_ity
hotmail.com)
Date: Mon Jul 04 2005 - 00:37:29 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
i noticed...
simply rolling over a *.pdf on your desktop launches...
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
im guessing Explorer is doing some odd things ( preloading on a rollover )
..reminds me of the jpg GDI exploit. i imagine if AcroRd32Info.exe is
exploitable you could craft a bad .pdf with data to overflow that exe. ( a
simple rollover would start the sploit )
just noticing,
MW
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]