Have you done any work, or seen any exploits which use the OpenAction[1] which can then launch applications[2], do URI actions, or embedded goto actions? It seems that these would be potential attack vectors for sites which do nasty things such as browser exploits, or at a minimum could be used for tracking and information gathering. None of this would require JavaScript, but I'm not sure if there are other protections in place.
[1] p74 of PDF 1.7 spec
[2] p418 of PDF 1.7 spec
ilredil 2 years ago
Yes, I've done tests with this using Adobe and Foxit. You can find it on my blog (sorry, can't post links in comment here).
Adobe Reader will ask permission for every action (like launching a program for an embedded file, launching your browser, turning on full screen, ...)
Previous versions of Foxit didn't ask for permission when the browser was launched to visit a website (/AA + /URI), but they fixed this when I reported it.
dist67 2 years ago
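A keyword triage for the action types discussed in this exchange, as an added example that is not part of the original comments: it counts the PDF names /OpenAction, /AA, /Launch, /URI and /GoToE in a file's raw bytes, undoing #xx name escapes first, and reports whether any script name is present. The function names and the sample document are constructed for illustration, and the scan does not inflate compressed streams.

```python
import re

# Names from the thread (automatic triggers and the actions they can start),
# plus /JavaScript and /JS so the report shows when no script is involved.
TRIGGERS = ("OpenAction", "AA")
OUTBOUND = ("Launch", "URI", "GoToE")
SCRIPT = ("JavaScript", "JS")

# A PDF name is "/" followed by bytes that are not whitespace or delimiters.
_NAME = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")

def decode_name(raw: bytes) -> str:
    """Undo #xx escapes, so /Op#65nAction is recognised as /OpenAction."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")

def count_action_names(pdf_bytes: bytes) -> dict:
    """Count watched names in the raw bytes (compressed streams are not inflated)."""
    counts = {n: 0 for n in TRIGGERS + OUTBOUND + SCRIPT}
    for m in _NAME.finditer(pdf_bytes):
        name = decode_name(m.group(1))
        if name in counts:
            counts[name] += 1
    return counts

def triage(pdf_bytes: bytes) -> dict:
    """Summarise which automatic triggers and outbound actions are present."""
    c = count_action_names(pdf_bytes)
    return {
        "auto_trigger": [n for n in TRIGGERS if c[n]],
        "outbound": [n for n in OUTBOUND if c[n]],
        "uses_javascript": any(c[n] for n in SCRIPT),
    }

# Constructed sample (a fragment, no xref table): a catalog whose open action
# is a URI action, with the /OpenAction name partly hex-escaped.
# example.invalid is a placeholder host.
SAMPLE = (
    b"%PDF-1.7\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R\n"
    b"   /Op#65nAction << /S /URI /URI (http://example.invalid/ping) >> >>\n"
    b"endobj\n"
    b"2 0 obj\n<< /Type /Pages /Kids [] /Count 0 >>\nendobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    print(count_action_names(SAMPLE))
    print(triage(SAMPLE))
```

A URI action contributes two /URI hits (the /S subtype and the /URI key), so the counts are per name occurrence, not per action.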
great video man thanks!
multitouchy 2 years ago