Clickless PDF Vulnerability

The video at the following link demonstrates that exploit code for the new PDF vulnerability can be launched simply by selecting the file icon, switching to thumbnail view, or just hovering over the file icon. Each of these actions triggers a Windows Explorer shell extension that reads information from the PDF file, and that read is enough for the exploit code to run.

JBIG2Decode Trigger Trio – [blog.didierstevens.com]

More on the vulnerability:
JBIG2Decode Essentials – [blog.didierstevens.com]

Adobe PDF Exploit Code Analysis – [securitylabs.websense.com]

Vulnerability Summary for CVE-2009-0658 – [web.nvd.nist.gov]

Adobe Acrobat and Reader JBIG2 image stream buffer overflow – [xforce.iss.net]
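
Since Explorer parses the file as soon as it is selected, hovered over or shown as a thumbnail, a suspect PDF is better triaged by reading its raw bytes from a script. The following is an added example, not code from this post or the linked articles: it reports where the /JBIG2Decode filter name occurs, including the hex-escaped spellings that PDF name syntax allows. The function names and sample bytes are constructed for illustration.

```python
import re
import sys

# A PDF name is "/" followed by regular characters; any character may be
# written as a #xx hex escape (e.g. /JBIG#32Decode), so names must be
# normalised before they are compared.
_NAME = re.compile(rb"/((?:[^\x00\t\n\x0c\r ()<>\[\]{}/%#]|#[0-9A-Fa-f]{2})+)")
_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
_TARGET = b"JBIG2Decode"

# Constructed sample fragments (not taken from any real file).
PLAIN = b"1 0 obj\n<< /Subtype /Image /Filter /JBIG2Decode /Length 0 >>\nendobj\n"
ESCAPED = b"2 0 obj\n<< /Filter /JBIG#32Decode >>\nendobj\n"
ARRAY = b"3 0 obj\n<< /Filter [/FlateDecode/JBIG2Decode] >>\nendobj\n"
CLEAN = b"4 0 obj\n<< /Filter /FlateDecode /Note /JBIG2DecodeX >>\nendobj\n"


def decode_name(raw: bytes) -> bytes:
    """Resolve #xx escapes in a PDF name (without the leading slash)."""
    return _ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def find_jbig2_filters(data: bytes) -> list:
    """Return the byte offset of every /JBIG2Decode name in raw PDF bytes."""
    return [m.start() for m in _NAME.finditer(data)
            if decode_name(m.group(1)) == _TARGET]


def scan_file(path: str) -> list:
    """Read a file as bytes only; nothing here renders or parses the PDF."""
    with open(path, "rb") as fh:
        return find_jbig2_filters(fh.read())


if __name__ == "__main__":
    for path in sys.argv[1:]:
        hits = scan_file(path)
        print(f"{path}: {len(hits)} JBIG2Decode reference(s) at offsets {hits}")
```

JBIG2Decode is a legitimate filter, so a hit marks a file for closer inspection rather than proving it malicious. A name stored inside a compressed object stream is not visible to a raw byte scan.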
