Adobe Acrobat pushstring Memory Corruption paper

Published: 2010-09-12
Last Updated: 2010-09-12 20:32:33 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
1 comment(s)

Abysssec posted a very interesting paper analyzing the pushstring memory corruption vulnerability (CVE-2010-2201).

Read the paper at Original Adobe advisory at 

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

1 comment(s)


And the paper analyzing a pdf exploit is posted in a pdf! I hope everyone is using gpdf or sumatra. It used to be we spent a lot of time testing and patching MS OSs. Now we could consume all our time just patching adobe acrobat and flash (and verifying flash removed the older vulnerable version). I wish I could eliminate these product but they seem to become more ubiquitous. Is it time to go back to txt and html only?

Diary Archives