Apparent distrust of Adobe PDF Reader has increased the popularity of my preferred alternate PDF application, Sumatra PDF. It appears that the popularity has also attracted additional attention. From
Security Focus:
Sumatra PDF is prone to an unspecified denial-of-service vulnerability.
An attacker can exploit this issue to crash the affected application, resulting in a denial-of-service condition.
Sumatra PDF 1.1 is vulnerable; other versions may also be affected.
From the exploit information at
Security Focus:
Vulnerability Detection Time : 21st June 2010, 1:13 AM
Tested on version 1.1 of Sumara PDF Reader
Nature : Accidental Discovery
Description : Sumatra PDF Reader crashed while testing recovered PDF
Files from a HardDisk. PDF Files recovered using Forensic
Tools were large in size. DoS code has been optimised to
implement the crash with reduced file-size.
Notes : This source can be modified after analyzing the crash appcompat
files to write shell bind / other payloaded exploits.
Sumatra PDR Reader crashed when PDF Files were already
associated to launch it.
