From; Panda Oxygen3: "Without words, without writing and without books there would be no history, there could be no concept of humanity" Hermann Hesse (1877-1962), German-born Swiss writer - Adobe ActiveX allows file discovery - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, April 27 2005 - A vulnerability has been reported within the Adobe Reader and Acrobat web control. This vulnerability means that, under certain circumstances, the Internet Explorer ActiveX control can make it possible to discover the existence of local files by monitoring the behavior of certain methods. Adobe Reader contains a Safe for Scripting method with the definition of "VARIANT_BOOL LoadFile([in] BSTR FileName)". A malicious user could take advantage of this if they get their victim to access the website controlled by the attacker. On the website, the attacker can call the LoadFile method, passing in a local file name on their victim's computer. In this way the attacker would be able to determine whether a certain file was present on the victim's system. Although it is not possible to get the contents of the file, this method can be useful to attackers to know the path or presence of certain files. Although this does not allow attackers to take complete control of the system, it can be used as part of more complex attacks. Adobe has reported this situation at http://www.adobe.com/support/techdocs/331465.html and recommended updating to version 7.0.1 of the product. NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1)Netsky.P; 2)Mhtredir.gen; 3)Agent.PF; 4)Qhost.AF; 5)Downloader.CGD. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member