Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zero-day Exploit in PDF With Adobe Reader

Posted by CowboyNeal on from the be-on-alert dept.

hankwang writes "Security researcher Petko Petkov, who is known for his recent discovery of a vulnerability with Quicktime in Firefox, claims to have discovered an exploit that allows arbitrary code execution when a maliciously crafted PDF document is opened in any version of Adobe Reader. Petkov did not disclose any technical details other than a video, but claims on his blog that Adobe has acknowledged the vulnerability. If this exploit goes wild, it could cause some serious problems, as PDFs are usually automatically opened from web browsers and widely used and trusted by corporate users."

2 of 188 comments (clear)

  1. Details Sorely Lacking by SkiifGeek · · Score: 4, Interesting

    Yeah, the article is lacking in details, which is unfortunate. Here is a nice little summary of not only the article, but also the speculation and arguments that have formed around the claims on a number of mailing lists.

    --
    InfoSec that matters, when it counts.
  2. As an asside: by T-Ranger · · Score: 3, Interesting

    Does anyone here think that embedding Acrobat into a browser is a good idea? Ignoring the plethora of stupid people who use PDF when HTML would work better, even.