Adobe Acrobat Font Parsing Integer Overflow Vulnerability

Published: 2010-08-05
Last Updated: 2010-08-05 17:19:32 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
5 comment(s)

Charlie Miller discovered a integer overflow error in CoolType.dll when parsing the maxCompositePoints field value in the Maximum Profile table of a TrueType font. PDFs containing specially crafted TrueType fonts can trigger this vulnerability.

Want more information? Check the following document from pages 51 to 58:

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

5 comment(s)
Diary Archives