Tweet
pdf insecurity
This could be fun
This could be fun
-
-
If you're worried about launch action running executable script from within a pdf there are several options;
Use an old version of a pdf reader until the exploit is patched. Adobe reader version 5 doesn't support launch action for example, neither do early versions of Foxit (ver 1.3).
Secondly do what I do and use a sandbox. Here's a free one. You can then right click on any file, including pdf's and select 'run/open sandboxed'.
This exploit is not really a weakness in the pdf reader (although foxit will execute arbitrary embedded code without a warning window), it's more of a social exploit achieved by manipulating the text in the warning window. Just being aware of the problem should be sufficient to stop you from getting caught by it._______________________________________________
_______________________________________________ -
yep, pretty much. The real question here would be to ask yourself why you're opening dodgy PDFs in the first place.Comment
-
You have a good point, most of my dodgy stuff is jpeg or mp4 :-)_______________________________________________
_______________________________________________Comment
-
.3gp keep it on the move
Comment
Comment