Slashdot Mirror


Hacker Finds Multiple PDF Backdoors

Gungadin writes "Eweek.com has a story about a British security researcher figuring out a way to manipulate legitimate features in Adobe PDF files to open backdoors for computer attacks. David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and two sample PDF files to demonstrate how the Adobe Reader program can be rigged to launch Web-based attacks without any user action. He claims there are least seven different ways to backdoor a PDF."

5 of 147 comments (clear)

  1. Heh by Shawn+is+an+Asshole · · Score: 4, Funny


    Huh huh, penetration.
    </beavis_and_butthead>

    Who started giving this title?

    --
    "It ain't a war against drugs.it's a war against personal freedom" --Bill Hicks
  2. pr0n by User+956 · · Score: 5, Funny

    He claims there are least seven different ways to backdoor a PDF.

    I've seen quite a bit of pr0n. There's way more than seven ways.

    --
    The theory of relativity doesn't work right in Arkansas.
  3. Sources claim... by Mikachu · · Score: 5, Funny

    Sources claim the exploits would have been found sooner if any other hackers had the patience to wait for PDFs to load.

  4. Re:Evince, etc. by Anonymous Coward · · Score: 5, Funny

    Did you file a bug to let them know they didn't support the exploit? This is free software, they should get right on it.

  5. Re:Doesn't work on Linux by flyingfsck · · Score: 5, Funny

    Hmm, Linux just isn't ready for the desktop yet.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!