Comments on: 0day: PDF pwns Windows

By: pdp

pdp — Fri, 25 Apr 2008 14:01:40 +0000

thanks for the comment.

By: wishi

wishi — Fri, 25 Apr 2008 13:30:48 +0000

:-)

Every security professional has to chose the path between publishing and keeping secret exploits every day. It’s uncommon to put 0days in Blogs, because that handles out the problem to the wrong guys: not to those, who want to fix the issue, but to those, trying to abuse it for malicious mails or so.

I’m nosy, too… but executable code in a pdf is as old as Methusalem. That’s no 0day. That’s a joke ;).

Have fun,
wishi

By: Adobe PDF 被發現零時差安全漏洞 | 大砲開講

Adobe PDF 被發現零時差安全漏洞 | 大砲開講 — Fri, 25 Apr 2008 08:38:17 +0000

[…] GnuCitizen的pdp最近在他們的部落格張貼了一篇文章，是有關PDF檔案出現零時差安全漏洞。如果使用者開啟一個特別製作的PDF檔案，就可以讓攻擊者控制你的系統。請各位不要亂開啟來路不明的PDF檔案。在這篇文章中，作者只展示了此安全漏洞，並宣稱已經獲得Adobe，但沒有公開驗證程式，以致於有些人發出質疑的聲音。 […]

By: JohnFavorite.com » Blog Archive » 0day: PDF pwns Windows

JohnFavorite.com » Blog Archive » 0day: PDF pwns Windows — Tue, 01 Apr 2008 08:03:52 +0000

[…] going through the [Full-disclosure] mailing list I came across this gem. It seems as though Petko Petkovhave over at GNUCITIZEN found a serious flaw in the way Adobe […]

By: CG

CG — Thu, 14 Feb 2008 22:47:13 +0000

now that all the patches are out are you going to release some more details?

By: Inking’s Blog » Google GMail E-mail Hijack Technique

Inking’s Blog » Google GMail E-mail Hijack Technique — Sun, 03 Feb 2008 04:56:58 +0000

[…] my disclosure policy regarding this vulnerability and the one disclosed several days ago concerning PDF. Let’s say that it is just one of my social […]

By: Onlinespiele

Onlinespiele — Sat, 08 Dec 2007 17:27:06 +0000

Are there any reactions from Adobe?

By: » Mozilla Firefox 2.0.0.8 Universal XSS Zayıflığı WWW~TR-SECURiTY~COM:

» Mozilla Firefox 2.0.0.8 Universal XSS Zayıflığı WWW~TR-SECURiTY~COM: — Sat, 24 Nov 2007 16:08:52 +0000

[…] GNUCITIZEN yazarlarından pdp yine bir universal XSS zayıflığı bulmuş.Universal derken, genel olarak bir uygulamadan kaynaklanan ve her yerde geçerli olan anlamına gelmektedir.Örneğin yakın zamanda yine pdp Adobe Acrobat PDF dökümanlarını açarken meydana gelen bir universal XSS daha bulmuştu. […]

By: Sally

Sally — Sat, 24 Nov 2007 10:48:11 +0000

Have you all noticed that the spammer’s choice of delivery has become PDF attachments?

The attached PDF usually contains stock quotes.

By: Sally

Sally — Sat, 24 Nov 2007 10:44:27 +0000

This explains why spammers have now switched to sending their emails with a PDF attachment.
Usually the PDF attachment contains an embedded image of a stock quote or something stupid like that. Lately I have been openning these out of curiousity but it seems we should not.

By: ggman

ggman — Thu, 15 Nov 2007 23:45:22 +0000

@cyanid-E

I opened your pdf on a linux system
via:

1. adobe firefox plugin
2. adobe reader 8.1.1 (”Adobe strongly recommends upgrading to Adobe Reader 8.1.1″)

and evolution offered me to send an email to guys with really strange email adresses:

1. “windows/system32/calc.exe”
2. test%..

- quite scary -

By: \-=[WHK]=-// » Archive » Explicación del comando de ejecución arbitraria en documentos PDF

Thu, 15 Nov 2007 18:55:34 +0000

[…] http://www.gnucitizen.org/blog.....ns-windows http://secunia.com/advisories/26201/ […]

By: V0lTr4n Bl0G » El Adobe Reader tiene un serio agujero de seguridad

V0lTr4n Bl0G » El Adobe Reader tiene un serio agujero de seguridad — Tue, 13 Nov 2007 02:20:05 +0000

[…] Según el hacker Petko Petkov (Gray hat), existe un agujero de seguridad en Adobe Reader, que con solo abrir un PDF manipulado un hacker podría ejecutar un codigo malicioso en nuestros PCs, no dando detalles de la vulnerabilidad.Petkov ha confirmado que este bug afecta a los Windows XP SP2 con las últimas versiones de Adobe Reader 8.1, 8.0 y 7, aunque no se descarta que otras versiones de Windows estén afectadas. […]

By: XT12D

XT12D — Fri, 09 Nov 2007 19:34:48 +0000

Bad analogy, Adrian, A better one would be, “Why not hand out vials of HIV tainted blood in the hopes that some freelance doctor will find a cure?”

By: 0day vulnerability in PDF files could break your windows box | AXT Magazine

0day vulnerability in PDF files could break your windows box | AXT Magazine — Thu, 08 Nov 2007 01:56:12 +0000

[…] under certain circumstances, a PDF file could remote execute an application on the host machine. The demo video shows how two pdf files, stored on local drive, once they’re open, can launch another […]

By: 新一代病毒感染途徑-PDF « Jiunn’s mind + information collection

新一代病毒感染途徑-PDF « Jiunn’s mind + information collection — Tue, 06 Nov 2007 07:47:52 +0000

[…] 2007/09/20 PDF pwns Windows這篇文章。 […]

By: Deeprunner

Deeprunner — Mon, 05 Nov 2007 04:44:14 +0000

Very Informative and I see We still can’t get along apparently, oh well. But, being obviously on the lower end of the knowledge curve in this arena…Can any of you human beings tell me what you think of this link’s usefullness regarding these kind of issues? -Vegas

By: electrobrain » Blog Archive » Kritische Schwachstelle in ‘Adobe Reader’

Sun, 04 Nov 2007 13:36:53 +0000

[…] Originalmeldung: http://www.gnucitizen.org/blog.....ns-windows […]

By: Tim

Tim — Thu, 25 Oct 2007 13:05:36 +0000

Great Site - really useful information!n

By: Nochmal Sicherheitsl�cke im Adobe Reader - wunderkessel.de - die Thermomix�-Community

Wed, 24 Oct 2007 17:19:27 +0000

[…] und ggf. die vollstaendige Kontrolle ueber das System erlangen. Quellen: Originalmeldung: 0day: PDF pwns Windows | GNUCITIZEN CVE-2007-5020: National Vulnerability Database (CVE-2007-5020) Security Tracker: […]