http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/ (blog 'DidierStevens) Sat, 11 Feb 2012 16:16:49 +0000 hourly 1 http://wordpress.com/ http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-41883 Sat, 19 Feb 2011 21:21:48 +0000 http://blog.didierstevens.com/?p=2183#comment-41883 [...] Stevens – Preventing the /launch action « cmd.exe » bypass – http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/9 – aout 2010 – Bkis – Adobe fixed /launch function vulnerability – [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39173 Mon, 19 Jul 2010 22:26:10 +0000 http://blog.didierstevens.com/?p=2183#comment-39173 [...] Stevens (well known for his research on Adobe Reader’s /launch feature) tested the exploit with his Ariad tool [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39167 Mon, 19 Jul 2010 17:55:57 +0000 http://blog.didierstevens.com/?p=2183#comment-39167 [...] Stevens (well known for his research on Adobe Reader’s /launch feature) tested the exploit with his Ariad tool [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39082 Mon, 12 Jul 2010 10:31:48 +0000 http://blog.didierstevens.com/?p=2183#comment-39082 [...] Quickpost: Preventing the /Launch Action “cmd.exe” Bypass – didierstevens.com Adobe has released a new Adobe Reader version that contains functionality to block my /Launch action PoC, but Bkis found a bypass. [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39070 Fri, 09 Jul 2010 10:55:53 +0000 http://blog.didierstevens.com/?p=2183#comment-39070 [...] Problemet beskrivs på IDG men kan beskrivs mer tekniskt här. [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39067 Thu, 08 Jul 2010 13:01:23 +0000 http://blog.didierstevens.com/?p=2183#comment-39067 [...] procedurer i vår Community samt att vi även har en fix på gång för detta problem. Kanske inte så stor attackyta på detta än, men varför inte se till [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39063 Wed, 07 Jul 2010 04:11:56 +0000 http://blog.didierstevens.com/?p=2183#comment-39063 [...] researcher Didier Stevens posted in his blog the reason why the bug remains unfixed: I did some research and discovered that Adobe implemented a [...]

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39060 Tue, 06 Jul 2010 21:05:50 +0000 http://blog.didierstevens.com/?p=2183#comment-39060 @Ted Wood The /Launch action is supported on *Nix and Mac editions of Adobe Reader too, and they’ve also add this blacklist.

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39059 Tue, 06 Jul 2010 20:37:50 +0000 http://blog.didierstevens.com/?p=2183#comment-39059 Does this issue only affect Windows, or other platforms, as well? If it does affect other platforms, I wonder how they implemented the blacklist.

]]> http://blog.didierstevens.com/2010/07/04/quickpost-preventing-the-launch-action-cmd-exe-bypass/#comment-39058 Tue, 06 Jul 2010 12:55:59 +0000 http://blog.didierstevens.com/?p=2183#comment-39058 [...] [...]

]]>