Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Adobe Acrobat pushstring Memory Corruption paper - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Acrobat pushstring Memory Corruption paper

Abysssec posted a very interesting paper analyzing the pushstring memory corruption vulnerability (CVE-2010-2201).

Read the paper at http://www.exploit-db.com/download_pdf/14983. Original Adobe advisory at http://www.adobe.com/support/security/bulletins/apsb10-15.html 

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

Manuel Humberto Santander Pelaacuteez

185 Posts
ISC Handler
And the paper analyzing a pdf exploit is posted in a pdf! I hope everyone is using gpdf or sumatra. It used to be we spent a lot of time testing and patching MS OSs. Now we could consume all our time just patching adobe acrobat and flash (and verifying flash removed the older vulnerable version). I wish I could eliminate these product but they seem to become more ubiquitous. Is it time to go back to txt and html only?
Anonymous

Sign Up for Free or Log In to start participating in the conversation!