[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] odd Adobe Acrobat thing...

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] odd Adobe Acrobat thing...
From: "Morning Wood" <se_cur_ity@xxxxxxxxxxx>
Date: Sun, 3 Jul 2005 22:37:29 -0700

i noticed...

simply rolling over a *.pdf on your desktop launches...
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe

im guessing Explorer is doing some odd things ( preloading on a rollover )
..reminds me of the jpg GDI exploit. i imagine if AcroRd32Info.exe is
exploitable you could craft a bad .pdf with data to overflow that exe. ( a
simple rollover would start the sploit )

just noticing,
MW
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- [Full-disclosure] Re: odd Adobe Acrobat thing...
  - From: Dave Korn

Prev by Date: Re: [Full-disclosure] alert: the 111111 bug
Next by Date: [Full-disclosure] Directory traversal vulnerability in "Quick & Dirty PHPSource Printer" 1.0
Previous by thread: Re: [Full-disclosure] alert: the 111111 bug
Next by thread: [Full-disclosure] Re: odd Adobe Acrobat thing...
Index(es):
- Date
- Thread