PDF Attack
Page 1 of 1
PDF Attack
Didier Stevens, an IT consultant with Contraste Europe, discovered the vulnerability, which entails getting PDF viewers to automatically execute embedded executables when the PDF file is opened.
"To address the specific problems outlined, Foxit has added a warning dialog box that will pop up when a PDF file is opened with Foxit Reader, asking the user to agree to execute or not," the company continued. "This solution adds a layer of safety yet maintains Foxit Reader’s compliance with current PDF standards."
Adobe already has a warning box in place, but Stevens claims there's a way for hackers to partially alter the dialog. According to eWEEK, Adobe is discussing the potential threat but didn't say if it would take any further precautions.
So, Foxit has dealt with the threat while Adobe has not yet.
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» Anatomy of an XSS Attack
» Durzosploit XSS attack
» MD5-string attack on web applications
» Web application firewall bypass with a XSS attack
» Web Browsers: An Emerging Platform Under Attack
» Durzosploit XSS attack
» MD5-string attack on web applications
» Web application firewall bypass with a XSS attack
» Web Browsers: An Emerging Platform Under Attack
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|