File format exploits are attacks that take advantage of a vulnerability in the way that an application processes data in a particular kind of file format, such as PDF, DOC, or JPEG. A file format exploit can run when a human target opens a attachment that contains the exploit. For example, you can attach a malicious Word document that contains an exploit, like MS11-006, to an e-mail. When the human target downloads and views the attachment (in thumbnail view), a session opens on the target’s machine and gives you a shell to access their system.