Comments on: 0day: PDF pwns Windows

By: Confirmation d’une vulnÃ©rabilitÃ© critique dans Adobe Reader et Acrobat â€” SecurityVibes Magazine

Wed, 23 Mar 2011 15:15:39 +0000

[...] informatique Ã Ãªtre sur le qui-vive, dans l’attente de la confirmation d’une vulnÃ©rabilitÃ© dÃ©couverte par Petko D. Petkov et affectant notamment le lecteur PDF Adobe Reader, trÃ¨s rÃ©pandu en milieu professionnel. Andrew [...]

By: .:[ d4 n3wS ]:. » Blog Archive » VulnÃ©rabilitÃ© dans Acrobat Reader

.:[ d4 n3wS ]:. » Blog Archive » VulnÃ©rabilitÃ© dans Acrobat Reader — Wed, 25 Aug 2010 04:14:11 +0000

[...] Origine de l’article : http://www.gnucitizen.org/blog.....ns-windows [...]

By: Moose

Moose — Wed, 25 Feb 2009 18:44:53 +0000

Does this affect Windows XP w/ Service Pack 3?

Thanks

By: Backdooring PDF Files

Backdooring PDF Files — Tue, 10 Feb 2009 14:09:53 +0000

[...] 20/09/07 – PDP’s PDF URI Parsing Vulnerability [...]

By: Don’t Open PDF Documents If You Run Windows ~ usrbingeek’s musings

Don’t Open PDF Documents If You Run Windows ~ usrbingeek’s musings — Thu, 22 May 2008 04:13:41 +0000

[...] [0day: PDF pwns Windows] [...]

By: Adobe PDF è¢«ç™¼ç¾é›¶æ™‚å·®å®‰å…¨æ¼æ´ž | å¤§ç ²é–‹è¬›

Adobe PDF è¢«ç™¼ç¾é›¶æ™‚å·®å®‰å…¨æ¼æ´ž | å¤§ç ²é–‹è¬› — Fri, 25 Apr 2008 08:38:17 +0000

[...] GnuCitizençš„pdpæœ€è¿‘åœ¨ä»–å€‘çš„éƒ¨è½æ ¼å¼µè²¼äº†ä¸€ç¯‡æ–‡ç« ï¼Œæ˜¯æœ‰é—œPDFæª”æ¡ˆå‡ºç¾é›¶æ™‚å·®å®‰å…¨æ¼æ´žã€‚å¦‚æžœä½¿ç”¨è€…é–‹å•Ÿä¸€å€‹ç‰¹åˆ¥è£½ä½œçš„PDFæª”æ¡ˆï¼Œå°±å¯ä»¥è®“æ”»æ“Šè€…æŽ§åˆ¶ä½ çš„ç³»çµ±ã€‚è«‹å„ä½ä¸è¦äº‚é–‹å•Ÿä¾†è·¯ä¸æ˜Žçš„PDFæª”æ¡ˆã€‚ åœ¨é€™ç¯‡æ–‡ç« ä¸ï¼Œä½œè€…åªå±•ç¤ºäº†æ¤å®‰å…¨æ¼æ´žï¼Œä¸¦å®£ç¨±å·²ç¶“ç²å¾—Adobeï¼Œä½†æ²’æœ‰å…¬é–‹é©—è‰ç¨‹å¼ï¼Œä»¥è‡´æ–¼æœ‰äº›äººç™¼å‡ºè³ªç–‘çš„è²éŸ³ã€‚ [...]

By: JohnFavorite.com » Blog Archive » 0day: PDF pwns Windows

JohnFavorite.com » Blog Archive » 0day: PDF pwns Windows — Tue, 01 Apr 2008 08:03:52 +0000

[...] going through the [Full-disclosure] mailing list I came across this gem. It seems as though Petko Petkovhave over at GNUCITIZEN found a serious flaw in the way Adobe [...]

By: CG

CG — Thu, 14 Feb 2008 22:47:13 +0000

now that all the patches are out are you going to release some more details?

By: Inking’s Blog » Google GMail E-mail Hijack Technique

Inking’s Blog » Google GMail E-mail Hijack Technique — Sun, 03 Feb 2008 04:56:58 +0000

[...] my disclosure policy regarding this vulnerability and the one disclosed several days ago concerning PDF. Letâ€™s say that it is just one of my social [...]

By: Onlinespiele

Onlinespiele — Sat, 08 Dec 2007 17:27:06 +0000

Are there any reactions from Adobe?

By: » Mozilla Firefox 2.0.0.8 Universal XSS ZayÄ±flÄ±ÄŸÄ± WWW~TR-SECURiTY~COM:

» Mozilla Firefox 2.0.0.8 Universal XSS ZayÄ±flÄ±ÄŸÄ± WWW~TR-SECURiTY~COM: — Sat, 24 Nov 2007 16:08:52 +0000

[...] GNUCITIZEN yazarlarÄ±ndan pdp yine bir universal XSS zayÄ±flÄ±ÄŸÄ± bulmuÅŸ.Universal derken, genel olarak bir uygulamadan kaynaklanan ve her yerde geÃ§erli olan anlamÄ±na gelmektedir.Ã–rneÄŸin yakÄ±n zamanda yine pdp Adobe Acrobat PDF dÃ¶kÃ¼manlarÄ±nÄ± aÃ§arken meydana gelen bir universal XSS daha bulmuÅŸtu. [...]

By: Sally

Sally — Sat, 24 Nov 2007 10:48:11 +0000

Have you all noticed that the spammer’s choice of delivery has become PDF attachments?

The attached PDF usually contains stock quotes.

By: Sally

Sally — Sat, 24 Nov 2007 10:44:27 +0000

This explains why spammers have now switched to sending their emails with a PDF attachment. Usually the PDF attachment contains an embedded image of a stock quote or something stupid like that. Lately I have been openning these out of curiousity but it seems we should not.

By: ggman

ggman — Thu, 15 Nov 2007 23:45:22 +0000

@cyanid-E

I opened your pdf on a linux system
via:

1. adobe firefox plugin
2. adobe reader 8.1.1 (“Adobe strongly recommends upgrading to Adobe Reader 8.1.1″)

and evolution offered me to send an email to guys with really strange email adresses:

1. “windows/system32/calc.exe”
2. test%..

- quite scary -

By: \-=[WHK]=-// » Archive » ExplicaciÃ³n del comando de ejecuciÃ³n arbitraria en documentos PDF

Thu, 15 Nov 2007 18:55:34 +0000

[...] http://www.gnucitizen.org/blog.....ns-windows http://secunia.com/advisories/26201/ [...]

By: V0lTr4n Bl0G » El Adobe Reader tiene un serio agujero de seguridad

V0lTr4n Bl0G » El Adobe Reader tiene un serio agujero de seguridad — Tue, 13 Nov 2007 02:20:05 +0000

[...] SegÃºn el hacker Petko Petkov (Gray hat), existe un agujero de seguridad en Adobe Reader, que con solo abrir un PDF manipulado un hacker podrÃa ejecutar un codigo malicioso en nuestros PCs, no dando detalles de la vulnerabilidad.Petkov ha confirmado que este bug afecta a los Windows XP SP2 con las Ãºltimas versiones de Adobe Reader 8.1, 8.0 y 7, aunque no se descarta que otras versiones de Windows estÃ©n afectadas. [...]

By: XT12D

XT12D — Fri, 09 Nov 2007 19:34:48 +0000

Bad analogy, Adrian, A better one would be, “Why not hand out vials of HIV tainted blood in the hopes that some freelance doctor will find a cure?”

By: 0day vulnerability in PDF files could break your windows box | AXT Magazine

0day vulnerability in PDF files could break your windows box | AXT Magazine — Thu, 08 Nov 2007 01:56:12 +0000

[...] under certain circumstances, a PDF file could remote execute an application on the host machine. The demo video shows how two pdf files, stored on local drive, once they’re open, can launch another [...]

By: æ–°ä¸€ä»£ç—…æ¯’æ„ŸæŸ“é€”å¾‘-PDF « Jiunn’s mind + information collection

Tue, 06 Nov 2007 07:47:52 +0000

[...] 2007/09/20 PDF pwns Windowsé€™ç¯‡æ–‡ç« ã€‚ [...]

By: Deeprunner

Deeprunner — Mon, 05 Nov 2007 04:44:14 +0000

Very Informative and I see We still can’t get along apparently, oh well. But, being obviously on the lower end of the knowledge curve in this arena…Can any of you human beings tell me what you think of this link’s usefullness regarding these kind of issues? -Vegas

Comments on: 0day: PDF pwns Windows

By: Confirmation d’une vulnÃ©rabilitÃ© critique dans Adobe Reader et Acrobat â€” SecurityVibes Magazine

By: .:[ d4 n3wS ]:. » Blog Archive » VulnÃ©rabilitÃ© dans Acrobat Reader

By: Moose

By: Backdooring PDF Files

By: Don’t Open PDF Documents If You Run Windows ~ usrbingeek’s musings

By: Adobe PDF è¢«ç™¼ç¾é›¶æ™‚å·®å®‰å…¨æ¼æ´ž | å¤§ç ²é–‹è¬›

By: JohnFavorite.com » Blog Archive » 0day: PDF pwns Windows

By: CG

By: Inking’s Blog » Google GMail E-mail Hijack Technique

By: Onlinespiele

By: » Mozilla Firefox 2.0.0.8 Universal XSS ZayÄ±flÄ±ÄŸÄ± WWW~TR-SECURiTY~COM:

By: Sally

By: Sally

By: ggman

By: \-=[WHK]=-// » Archive » ExplicaciÃ³n del comando de ejecuciÃ³n arbitraria en documentos PDF

By: V0lTr4n Bl0G » El Adobe Reader tiene un serio agujero de seguridad

By: XT12D

By: 0day vulnerability in PDF files could break your windows box | AXT Magazine

By: æ–°ä¸€ä»£ç—…æ¯’æ„ŸæŸ“é€”å¾‘-PDF « Jiunn’s mind + information collection

By: Deeprunner

By: Adobe PDF è¢«ç™¼ç¾é›¶æ™‚å·®å®‰å…¨æ¼æ´ž | å¤§ç ²é–‹è¬›