Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe PDF Reader "Launch" vulnerability still exploitable

Published: 2010-07-02
Last Updated: 2010-07-02 02:43:08 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Earlier this week, Adobe released a patch for PDF Reader and Acrobat, resolving among many vulnerabilities the "Launch" vulnerability which allowed an attacker to execute arbitrary code [1]. One of the problems was that this vulnerablity existed due to a feature in the PDF specification and Adobe was not willing to alter the specs in order to fix this problem.

As pointed out in a blog post by Le Manh Tung, the vulnerability is still exploitable if the command is included in quotes. However, unlike in earlier versions of the PDF reader, it is no longer possible to modify the warning dialog giving users a fighting chance to not execute the code.

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1240

------

Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords:
3 comment(s)
Diary Archives