Monday, September 18, 2006

 

PDF back doors

Here is a report of two PDF "back door" exploits.

The first exploit causes a specified URI to be launched when a document is opened. It appears that this is done simply by including a URI action (see Chapter 8 of the PDF specification, "URI Actions") in the PDF. It's thus very simple to have a PDF document cause the user's browser to open a URL which could contain malicious content, and the problem appears to be in the format specification, not in an Acrobat bug. The example linked to from the article opens a harmless URL.

"Back door" implies the use of an undocumented feature, so it isn't really a back door exploit, but a demonstration that a feature can be abused.

Labels:


# posted by Gary McGath @ 1:00 PM 0 comments

Friday, September 01, 2006

 

Technonerdgirl

I'd just like to offer a plug for my friend Debbie Ohi's new blog, Technonerdgirl. It's mostly about CSS from a web designer's standpoint rather than a developer's, but may be of interest to some.


# posted by Gary McGath @ 2:19 PM 0 comments

This page is powered by Blogger. Isn't yours?

free hit counters
free hit counters
hits since 30-Oct-2006
Copyright 2004-2008 Gary McGath. All rights reserved. Permission is granted to publish feeds of this blog on the Internet, provided the content is not altered and credit is given.