Tag Archives: PDF
Vulnerability in PDF Reader – from Foxit
This time a new security vulnerability has been found and already fixed with an updated version within the alternative PDF reader from Foxit.With providing manipulated PDF files for example via email or web sites, users of outdated versions Foxit PDF … Continue reading
New polymorphic malicious PDFs
Our malware traps caught several malicious PDF files recently which tried to evade detection by using so-called polymorphism. Our investigation started with a direct comparison of two of these malware samples. The PDFs use the same template with different content … Continue reading
iPad, iPhone and iPod owners at risk
As has been reported by the media, there is a very easy to use “Jailbreak” website available – just by visiting the website and pulling a slider, it removes security mechanisms which tie the mobile Apple gadgets to Apples AppStore. … Continue reading
Closer Look on a PDF Exploit
As there are attacks on vulnerabilities in the most popular PDF Reader from Adobe, we regularly inspect the samples closer in our Avira VirusLab. This time we looked at an older exploit which Avira antimalware solutions detect as EXP/Pdfka.bmq. The … Continue reading
Security hole in Adobe Reader and Acrobat
Adobe is currently investigating a new security hole in Reader and Acrobat. Cybercriminals are currently spamming emails with prepared documents which lead to an infection of the computer with malware. The PDF document abuses a buffer overflow in a new … Continue reading
Adobe Acrobat and Reader JavaScript Vulnerability
Adobe issued a warning about a buffer overflow vulnerability in all recent versions of Acrobat Reader and Adobe Acrobat. Attackers can inject malicious code into computers with specially prepared PDF documents. While Adobe announces an Update for the affected software … Continue reading
Pidief-Shellcode with a Twist
While analysing the latest malicious PDF exploit documents, we found the embedded shellcode to have some interesting features. The shellcode gets executed once the exploit was successful. The payload of the PDF is contacting a server in China – so … Continue reading
Evil JavaScript: Webpage- and PDF-Threat
Malicious exploitation of older security vulnerabilities target users of Adobe Reader and Acrobat Professional versions before 8.1.2. The vast majority of todays PDF exploit samples still target an old buffer overflow vulnerability which the Common Vulnerabilities and Exposures project lists … Continue reading