Web2Secure: Web Security Blog

We are non-funded group of security enthusiast who contributes and updates to community with latest security treats. Use and handle whatever links shared within website could be harmful to your systems with own risks. Feel free to use the contents for commercial or non-commercial purposes. We're very appreciating if using our useful information’s to your website by referring back to this original website. Donation or clicking on ads is most welcome to continue maintains costs for this website.

Saturday, April 25, 2009

PDF exploits in wild

As promised, I will posting some relates to PDF exploits. Lots of malicous websites hosting and manipulates the PDF exploits. The malicious links were planted inside some legitimate websites and users will no doubt when surfing and opening pdf file when pop up in browsers.

Few old PDF exploits were identified for vulnerability in version 9.0 and earlier version of Adobe Reader application.

Below is one of the obfuscate example JavaScript codes that inside the PDF. It take two more steps to deobfuscate in order to get the final malicious link. Only few security vendors have ability to detect for the malicous file when submitted to famous free scanning website virustotal.

I will continuing post some related to PDF exploits for coming days. Stay tune......

Note:If you think the information benefit to you, click on advertisement column to support me in order pay for domain fees.

Web2Secure: Web Security Blog

Pages

Saturday, April 25, 2009

PDF exploits in wild

0 comments: