Exploit in PDF Files

We now have a new donation system! Whoo hoo! Try it out.

Recognition Wall

by gotya ~ April 1st, 2010. Filed under: Dev.

Didier Stevens, security researcher and expert on malicious PDF files, has succeeded in creating a proof-of-concept PDF file that uses the launch action triggered by the opening of the file to execute the embedded malicious executable.

What makes this piece of news really interesting is that he didn’t exploit a security vulnerability in the PDF file, but he found a way to start the /Launch /Action command and embed the malicious file using a special technique.

The only thing standing in the way of an immediate execution of the embedded file is the warning pop-up displayed by Adobe Reader – but even this can be (partially) modified by the attacker, as shown here:

Share and Enjoy:

User Bar

Links

apples tablet pc auscfhost BitBlinder botnet Bots 5.0 camfrog bot camfrog Bots chrome os CONSOLE GAMING cyber attacks CYBERSECURITY ddos dj que door knock dos download downloads Exploit in PDF Files GotyaCam gotyatoolz hack HARDWARE iphone irc islate LEAKS lock mac.linux MICROSOFT misc MOTHERBOARDS paying programming registry SPYING stop attack stop dos attack stop syn flood syn flood Tooladex Video Chat in your Livingroom vip windows wireless XBOX 360 Dev (33)
Sidebar Photoblog (1)

WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.

WP Hashcash

By Elliott Back
54 spam comments blocked out of 73 human comments. 42.52% of your comments are spam!

More Links

Recognition Wall