6th July 2010
|
|
Administrator
|
|
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
|
|
Adobe's protection against embedded scripts incomplete
From http://www.h-online.com/security/new...e-1033144.html
Quote:
|
In a post on their blog, Security firm Bkis report that the protection against /launch attacks, introduced in Adobe Reader and Acrobat with update 9.3.3, is still incomplete. By enclosing the commands embedded in PDF documents in double quotation marks, protection can be bypassed and programs can be launched – although a warning dialogue requiring user confirmation is displayed.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|