-
September 16th, 2006, 07:28 PM
#1
Hacker Finds Multiple PDF Backdoors
Via Slashdot: http://it.slashdot.org/article.pl?si...39205&from=rss
Via EWeek: http://www.eweek.com/article2/0,1895,2016606,00.asp
PoC: http://michaeldaw.org/projects/backdoored1.pdf
Source: http://michaeldaw.org
This article will give two practical examples of how Adobe Professional and Adobe Reader can be backdoored. There are 7 or more points where an attacker can launch malicious code. Both of the attacks discussed below are attached to the “Page Open” event
By malicious code, the author doesn't mean execution of arbitrary code, but instead the execution of some Adobe flavored javascript. The author "accesses the Windows ODBC, enumerates available databases" with a javascript file, which is interesting but not really a big deal... and I don't see how this is a backdoor at all.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|