Re: Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged
From: Dan Harkless (bugtraq@harkless.org)
Date: 03/26/03
- Previous message: Dr. Peter Bieringer: "Re: Check Point FW-1: attack against syslog daemon possible"
- Maybe in reply to: Vladimir Katalov: "Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Dan Harkless" <bugtraq@harkless.org> To: bugtraq@securityfocus.com Date: Wed, 26 Mar 2003 10:35:13 -0800
Vladimir Katalov <info@elcomsoft.com> writes:
> We were able to write a 'fake' plug-in "fakecert.api" which does
> nothing, but being loaded by Adobe Acrobat (and Reader) 4 and 5
> as the certified one even in 'trusted' mode, though we don't have
> a 'Reader Integration Key' (this plug-in has been provided only to
> Adobe and CERT). When installed into 'plug_ins' subfolder, plug-in
> is being loaded every time when Adobe Acrobat (or Reader) starts, and
> shows a simple message box.
For those of us not familiar with Acrobat plugins, is there some facility
for the program retrieving/installing plugins automatically, or, to exploit
this would you need to entice a user to manually place your .api file in
their "plug_ins" directory (or run an installer program that would do so, in
which case you could run arbitrary code anyway in the installer)?
-- Dan Harkless bugtraq@harkless.org http://harkless.org/dan/
- Previous message: Dr. Peter Bieringer: "Re: Check Point FW-1: attack against syslog daemon possible"
- Maybe in reply to: Vladimir Katalov: "Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
