Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Adobe Acrobat pushstring Memory Corruption paper - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Acrobat pushstring Memory Corruption paper

Abysssec posted a very interesting paper analyzing the pushstring memory corruption vulnerability (CVE-2010-2201).

Read the paper at Original Adobe advisory at 

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

Manuel Humberto Santander Pelaacuteez

195 Posts
ISC Handler
Sep 12th 2010
And the paper analyzing a pdf exploit is posted in a pdf! I hope everyone is using gpdf or sumatra. It used to be we spent a lot of time testing and patching MS OSs. Now we could consume all our time just patching adobe acrobat and flash (and verifying flash removed the older vulnerable version). I wish I could eliminate these product but they seem to become more ubiquitous. Is it time to go back to txt and html only?

Sign Up for Free or Log In to start participating in the conversation!