Another nasty trick in malicious PDF

Discussion in 'malware problems & news' started by SweX, Apr 25, 2011.

Thread Status:
Not open for further replies.
  1. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I find this blog post by avast! very informative and interesting. But a bit worrying as well :ninja:

     
    SweX, Apr 25, 2011
    #1
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Note the two exploits referenced in the blog, CVE-2010-0188, CVE-2010-2883.

    If you check them out, you see that the tricky code in the PDF results in serving up an executable payload:

    CVE-2010-0188: Exploit in the wild
    http://blog.fortinet.com/cve-2010-0188-exploit-in-the-wild/

    Adobe Reader 0-day vulnerability (CVE-2010-2883)
    http://www.thesecurityblog.com/2010/09/adobe-reader-0-day-vulnerability-cve-2010-2883/

    Standard protection against unauthorized executable payloads thwarts this "nasty-trick-in-malicious-pdf" at the gate.

    regards,

    -rich
     
    Last edited: Apr 25, 2011
    Rmus, Apr 25, 2011
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...