[virusinfo] Adobe ActiveX allows file discovery - 4/27/05

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Wed, 27 Apr 2005 15:51:58 -0700

From; Panda Oxygen3:

"Without words, without writing and without books there would be no history,
                  there could be no concept of humanity" 
             Hermann Hesse (1877-1962), German-born Swiss writer 

                   - Adobe ActiveX allows file discovery - 
         Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) 

Madrid, April 27 2005 - A vulnerability has been reported within the Adobe
Reader and Acrobat web control.  This vulnerability means that, under
certain circumstances, the Internet Explorer ActiveX control can make it
possible to discover the existence of local files by monitoring the
behavior of certain methods.

Adobe Reader contains a Safe for Scripting method with the definition of
"VARIANT_BOOL LoadFile([in] BSTR FileName)". A malicious user could take
advantage of this if they get their victim to access the website controlled
by the attacker.  On the website, the attacker can call the LoadFile
method, passing in a local file name on their victim's computer.  In this
way the attacker would be able to determine whether a certain file was
present on the victim's system.

Although it is not possible to get the contents of the file, this method
can be useful to attackers to know the path or presence of certain files. 
Although this does not allow attackers to take complete control of the
system, it can be used as part of more complex attacks.

Adobe has reported this situation at
http://www.adobe.com/support/techdocs/331465.html and recommended 
updating to version 7.0.1 of the product.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner: 
1)Netsky.P; 2)Mhtredir.gen; 3)Agent.PF; 4)Qhost.AF; 5)Downloader.CGD.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Adobe ActiveX allows file discovery - 4/27/05

1. Home
2. virusinfo
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---