[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] 0day: PDF pwns Windows
- To: "Geo." <geoincidents@xxxxxxx>
- Subject: Re: [Full-disclosure] 0day: PDF pwns Windows
- From: silky <michaelslists@xxxxxxxxx>
- Date: Sun, 23 Sep 2007 09:45:06 +1000
On 9/22/07, Geo. <geoincidents@xxxxxxx> wrote:
> > pa> http://www.gnucitizen.org/blog/0day-pdf-pwns-windows
> > Is this the way responsible disclosure works these days ?
> > "Adobe?s representatives can contact me from the usual place."
> >
> > Wow, now that's coordinated release. Knowing the bugs that you found
> > previously it should take 10 minutes to rediscover this one. Which
> > makes this even worse.
>
> I just saw his video showing the exploit fireing up calculator, it looks
> like the same stuff (feature/exploit call it what you want) that's been
> around for years. See www.nthelp.com/test.pdf (warning, it won't damage
> anything but it may scare you)
ps, if anyone cares, this exploit does not work on foxit pdf reader v1.3.
foxit rocks.
so lets not call it a 'pdf' vuln, but a 'adobe acrobat' vuln.
> Geo.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
mike
http://lets.coozi.com.au/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/