CVE-2009-0927, P.O.C.?

[Catter]

I just accidentally run pdf file CVE-2009-0927.pdf, from CVE-2009-0927 pack,
when antivirus was disabled.
Although this pack marked as exploit and technical report note, I'm not
sure, can it contain link to real malware or virus when exploit executed?
pdf size is124KB

http://www.coromputer.net/CVE-2009-0927_package.zip

 

[Tom Willett]

You think anyone would be foolish enough to click on the link you posted?

:I just accidentally run pdf file CVE-2009-0927.pdf, from CVE-2009-0927
pack,
: when antivirus was disabled.
: Although this pack marked as exploit and technical report note, I'm not
: sure, can it contain link to real malware or virus when exploit executed?
: pdf size is124KB
:
:

 

[Catter]

You think anyone would be foolish enough to click on the link you posted?

:I just accidentally run pdf file CVE-2009-0927.pdf, from CVE-2009-0927
pack,
: when antivirus was disabled.
: Although this pack marked as exploit and technical report note, I'm not
: sure, can it contain link to real malware or virus when exploit
executed?
: pdf size is124KB
:
:

 

[Tom Willett]

: ---------------
: if you afraid click on link, how do you use Internet at all?

You really don't get it, do you? No wonder you get malware.
:

 

[Michael]

You posted a link to a file that may be a virus. You do the math, moron!

 

[Elmo]

You posted a link to a file that may be a virus. You do the math, moron!

No, he posted a link to a file that _contained_ a virus (or some type of
malware). Or at least that's how Avast! saw it. Since it was a .zip
file, I thought I'd click it, and just not unzip the file.. Avast!
caught it before the "page" loaded.

 

[Michael]

No, he posted a link to a file that _contained_ a virus (or some type of
malware). Or at least that's how Avast! saw it. Since it was a .zip
file, I thought I'd click it, and just not unzip the file.. Avast!
caught it before the "page" loaded.

....and your point is?

 

[T Shadow]

No, he posted a link to a file that _contained_ a virus (or some type of
malware). Or at least that's how Avast! saw it. Since it was a .zip
file, I thought I'd click it, and just not unzip the file.. Avast!
caught it before the "page" loaded.

"In all the excitement I can't remember, did I shoot five, or six? You've
got one question to ask yourself, do you feel lucky, punk? Well, ...

 

[Elmo]

"In all the excitement I can't remember, did I shoot five, or six? You've
got one question to ask yourself, do you feel lucky, punk? Well, ...

Agreed, that was pretty risky.. I won't do that again. I noticed that
after I clicked the link, my download folder had an empty .zip file PLUS
an external file. I just didn't see how a .zip file could be dangerous
unless files were actually extracted and executed, but I seem to
remember reading in a Trend Micro newsletter about a couple of new
exploits, and I suspect this was one of them.