Browse > Home / IT Magazine / Safe orgnaization: PDF newest flaw brings about thousands of user to suffer attack

Safe orgnaization: PDF newest flaw brings about thousands of user to suffer attack

February 13, 2008

[dispatch of Sai Di net] on Feburary 12 message, week of safe research organization shows, adobe Reader software is newest a flaw of exposure is used by baleful aggressor already had 3 weeks at least, this orgnaization estimation is affected the amount of the user so far ” already had thousands of person ” .

According to foreign media coverage, adobe Systems last week 2 admit, its used extensive PDF software to discover several flaw, nevertheless company immediately released flaw patch, but the specific amount that it has not announced flaw and harm degree. The Internet storm center of SANS institute subordinate (ISC) with VeriSign company subordinate IDefense branch expresses, have a flaw among them at least from already was used by big range since January 20. ISC analyst Sailesi expresses collect Er · , the PDF file that carries baleful code from be located in Dutch a server sends a trojan outwards ceaselessly. Sailesi expresses, the forum of a network that appeared in Italy on January 20 in the light of the message of the incident of the first attack of this flaw, an user says 3 his PC are affected, aggressor IP address is tracked show come from Yu Helan.

Last week 5, IDefense issued 3 safe warnings, among them enumerate the more detail that Adobe company already repaired flaw last week. Safe warning says, greg Makemanniusi is in IDefense researcher early to will discover last year in September and reported relevant flaw, safe warning says, flaw appears in the course that runs JavaScript program in Adobe Reader software, specific it is to be in point to the library and ask to offer add mix closely appear when autograph attestation.

Among them a safe warning that mentions JavaScript flaw says, adobe Reader and Adobe Acrobat ” in JavaScript in moving, discovered several Stack-based buffer spills over flaw ” , “Aggressor may use afore-mentioned flaw to run code forcibly on the PC of current user ” .

What the attack that forum of a network of Italian mentioned on January 20 uses is a flaw of JavaScript. According to speculation, afore-mentioned leak are completely possible by the researcher of Immunity Qin Siji of · take an examination ofing mentioned Kesiteya last week attack of notional test and verify is used, because should be atttacked,also using hole of the spill and leakage outside the inn that IDefense already reported likewise. Immunity last week 4 in ” CANVAS brief ” the complete function flaw that afore-mentioned courses revise the lieutenant general is called ” hole of the spill and leakage outside JavaScript inn ” .

An analyst of the Tie Ke that surpass the door expresses, afore-mentioned attack may result from the baleful advertisement document that is brought by the PDF file that the lawful site of capture passes JavaScript or IFrame points to or be murdered site. This analyst expresses, aggressor may the PDF accessory that coax user opens one rubbish mail to bring, he did not disclose by the specific amount of aggressor, but call total number the likelihood ” achieved thousands of ” .

This analyst still expresses, the detailed circumstance of relevant and safe flaw has been announced probably before Adobe is repaired.

Last week 4, adobe issued a safe announcement newly on its website, but the detail that did not allude to already repaired flaw among them. In announcement, adobe listed the following individual that discovers flaw the earliest and orgnaization: The TippingPoint branch of company of the researcher of Manniusi, Gu Ge, Fortinet, 3Com company mixes the mark of IDefense company New Zealand safety seeks advice from orgnaization Security-Assessment.com.

Tags: , , , , , ,

Written by ITTech · Filed Under IT Magazine