#!/usr/bin/perl
# k`sOSe 02/22/2009
# http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-love.html
my $size = “\x40\x00”;
my $factor = “ABCD”;
my $data = “A” x 8314;
阅读全文 »
[UPDATE]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability
by cocoruder([email protected])
http://ruder.cdut.net, updated on 2008.05.06
Summary:
A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user’s permission.
Affected Software Versions:
Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions
Details:
This vulnerablity due to the design error of the javascript fucntion “DOC.print()”, following are the annotates of the function in Adobe’s Javascript API Reference(named “js_api_reference.pdf”):
Tags: Adobe, Adobe Acrobat Reader, Adobe Reader, Advisory, Vulnerability来源:Ph4nt0m Google Group
Link to exploit:
Please download and open it locally in Adobe Acrobat (not in Adobe Acrobat
ActiveX control):
http://security.fedora-hosting.com/0day/pdf/pdf_poc.pdf
Description:
0-day proof of concept (PoC) exploit for Adobe Acrobat.
Software affected:
+ Adobe Reader 8.1 (and earlier)
+ Adobe Acrobat Standard, 阅读全文 »
