Adobe Reader for Android exposes several insecure Javascript interfaces. This issue can be exploited by opening a malicious PDF in Adobe Reader.Adobe Reader for Android allows users to work with PDF documents on an Android tablet or phone. According to Google Play, the app is installed on 100 million to 500 million devices.
Exploiting this issue allows for the execution of arbitrary Java code, which can result in a compromise of the documents stored in Reader and files stored on SD card.
An attacker can create a specially crafted PDF file containing Javascript that runs when the target user views this PDF file. Using any of the Javascript objects listed above provides the attacker access to the public Reflection APIs inherited from Object. These APIs can be abused to run arbitrary Java code.
The following proof of concept will create a text file in the app sandbox.
Adobe released version 11.2.0 of Adobe Reader that add @JavascriptInterface annotations to public methods that should be exposed in the Javascript interfaces. In addition, the app now targets API Level 17 and contains a static method that is used to check the device's Android version.
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
No comments:
Post a Comment