Another nasty trick in malicious PDF

Discussion in 'malware problems & news' started by SweX, Apr 25, 2011.

Thread Status:
Not open for further replies.
  1. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I find this blog post by avast! very informative and interesting. But a bit worrying as well :ninja:

     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Note the two exploits referenced in the blog, CVE-2010-0188, CVE-2010-2883.

    If you check them out, you see that the tricky code in the PDF results in serving up an executable payload:

    CVE-2010-0188: Exploit in the wild
    http://blog.fortinet.com/cve-2010-0188-exploit-in-the-wild/

    Adobe Reader 0-day vulnerability (CVE-2010-2883)
    http://www.thesecurityblog.com/2010/09/adobe-reader-0-day-vulnerability-cve-2010-2883/

    Standard protection against unauthorized executable payloads thwarts this "nasty-trick-in-malicious-pdf" at the gate.

    regards,

    -rich
     
    Last edited: Apr 25, 2011
Loading...
Thread Status:
Not open for further replies.