Members
Stats
  • Total Posts: 28514
  • Total Topics: 8240
  • Online Today: 816
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: PDF Vulnerability Now Exploitable With No Clicking (JBIG2 vulnerability)  (Read 1924 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


"With Adobe's patch for the current PDF vulnerability still some time away, news has emerged of more techniques that are available to exploit the vulnerability, this time without needing the victim to actually open a malicious file. Instead, the methods make use of a Windows Explorer Shell Extension that is installed alongside Adobe Reader, and which will trigger the exploitable code when the file is interacted with in Windows Explorer. Methods have been demonstrated of successful exploitation with a single click, with thumbnail view, and with merely hovering the mouse cursor over the affected file. There are many ways that exploits targeting the JBIG2 vulnerability could be hidden inside a PDF file, and it seems that the reliability of detection for these varying methods is spotty, at best."

(Slashdot)

Samker's Computer Forum - SCforum.info





Steve_53

  • SCF Member
  • **
  • Posts: 15
  • KARMA: 9
  • Gender: Male
I am constantly downloading (work related and other) PDF files - is there ANYTHING currently available that can be used to scan PDF files to detect JBIG2?

Steve
No trees were harmed in the creation of this post, but a significant number of electrons were highly inconvienenced.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
I am constantly downloading (work related and other) PDF files - is there ANYTHING currently available that can be used to scan PDF files to detect JBIG2?

Steve

I think that CheckPoint have (authors of Zona Alarm Firewalls) have some solution.

Take a look here: http://www.checkpoint.com/defense/advisories/public/announcement/022509-adobe-pdf-protection.html

Also Steve, if you find something interesting for SCF Community please make new Topic with protection solutions and recommendations ...




 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising