In-Reply-To: <0I5H001195EBYO@xxxxxxxxxxxxx>

This can be defeated by disallowing multimedia operations in the "Trust Manager" settings. I'm not sure I want the other setting labeled "Allow documents to open other files and launch other applications" either, but it doesn't have an effect on Jelmer's example.

- Nick

> Adobe Acrobat / Adobe Reader 6 can read local files
>
> Description
>
> Acrobat / Acrobat Reader is software for viewing and printing Adobe Portable
> Document Format (PDF) files. Adobe PDF files can be viewed on most major
> operating systems.
>
> Version 6 of this program has an issue with the way it handles embedding
> Macromedia Flash files directly into a PDF. This allows a malicious website
> operator to steal local files from a user's hard drive, including cookie
> files.
>
> Technical Details:
>
> Version 6 of the PDF format introduced a new way to embed movies directly
> into the PDF file. In previous versions one could only link to media in
> external files.
>
> Adobe Reader extracts this SWF file from the PDF and saves it under a random
> name to your temp dir; on Windows XP and 2000 this dir is usually located at
>
> C:\Documents and Settings\<username>\Local Settings\Temp
>
> It then appears to "link" directly to this saved file, in effect making your
> local hard disk the codebase for this SWF file and allowing it read access
> to all of the files on your hard drive.
>
> Systems affected:
>
> Adobe Reader 6
> Adobe Acrobat 6
>
> Demonstration:
>
> Create a text file called c:\jelmer.txt then proceed to click on
>
> http://62.131.86.111/security/acrobat/demo.pdf
>
> Risk: medium
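Since Reader drops the extracted movie into the user's Temp directory under a random name, a responder checking a machine for this cannot rely on a .swf extension. The following triage script is an added example for this thread, not code from Jelmer's post or from Adobe: it walks a directory and identifies Flash files by their header (the "FWS" or "CWS" signature, a version byte and a little-endian uncompressed-length field) rather than by name. The sample files it creates are constructed for the demonstration; the filenames are made up.

```python
"""Find SWF files saved under arbitrary names in a directory such as
%TEMP% (added example for this thread; not from the original post).

SWF header layout (both variants):
  bytes 0-2  signature  b"FWS" (uncompressed) or b"CWS" (zlib-compressed body)
  byte  3    SWF version
  bytes 4-7  uncompressed file length, little-endian uint32
"""
import os
import struct
import sys
import tempfile
import zlib

SWF_SIGNATURES = (b"FWS", b"CWS")


def parse_swf_header(head, file_size=None):
    """Return (signature, version, length) if head starts a SWF, else None."""
    if len(head) < 8 or head[:3] not in SWF_SIGNATURES:
        return None
    signature = head[:3].decode("ascii")
    version = head[3]
    (length,) = struct.unpack("<I", head[4:8])
    # The length field counts the whole file including this 8-byte header.
    if length < 8:
        return None
    # For an uncompressed SWF the declared length must equal the on-disk size;
    # a mismatch means a truncated file or a false positive on the signature.
    if signature == "FWS" and file_size is not None and length != file_size:
        return None
    return (signature, version, length)


def find_swf_files(directory):
    """Walk directory; return sorted (path, signature, version, length) hits."""
    hits = []
    for root, _dirs, names in os.walk(directory):
        for name in names:
            path = os.path.join(root, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(8)      # the header is all we need
                size = os.path.getsize(path)
            except OSError:
                continue                   # temp files come and go; skip
            parsed = parse_swf_header(head, size)
            if parsed:
                hits.append((path,) + parsed)
    return sorted(hits)


def build_sample_dir():
    """Create a throwaway directory that mimics a Temp folder (constructed data)."""
    d = tempfile.mkdtemp(prefix="swf-triage-")
    body = b"\x00" * 13                                  # placeholder SWF body
    length = struct.pack("<I", 8 + len(body))            # 21 bytes uncompressed
    samples = {
        "random1.tmp": b"FWS" + bytes([6]) + length + body,                 # plain SWF
        "random2": b"CWS" + bytes([6]) + length + zlib.compress(body),      # compressed SWF
        "notes.txt": b"just a text file, nothing to see\n",                  # not a SWF
        "short.bin": b"FWS",                                                 # truncated, ignore
    }
    for name, data in samples.items():
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(data)
    return d


if __name__ == "__main__":
    # Usage: python swf_triage.py "C:\Documents and Settings\<user>\Local Settings\Temp"
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_dir()
    for path, sig, ver, length in find_swf_files(target):
        print(f"{path}: {sig}, version {ver}, declared length {length}")
```

Matching on the signature catches both the uncompressed and zlib-compressed forms; the on-disk size check only applies to the uncompressed form, since a compressed file's declared length is the size after inflation.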