Here another vuln I found in the last days on Speedy-Shop 2.0 CMS… the threat was fixed very quickly, nice job!
I just finished to build a security component for joomla, this addon allow you to create a fingerprint scan for each file on your site so will be easy to find hacked files.
I was been in contact with the staff of such company and they fixed the vulnerabilities. Now the cms is safe from any type of attack. I must say also that they are a very kind and qualified team… Finally has been a pleasure to work with them.
This post is related to the previous article, here you can find a solution to block definitively the threatening commands on Adobe reader.
Lately there is a real explosion of new attack vectors, in fact today is really simple to include an evil payload into a picture, an office doc or a pdf. This type of weakness afflict a very large range of targets and can be used to exploit local applications or web server with a minimal or null user interaction.
Also the detection of such threats is not so simple due to the nature of the vulnerability. Now I will show few of these methods applied to real applications and services.