February 26, 2009, 10:57AM
Adobe PDF exploit code analysis
Comment Websense researcher Hermes Li has posted a blow-by-blow walkthrough (with screenshots) of the Adobe Acrobat/Reader vulnerability that's currently under attack.
Excerpt from the blog post:
"This vulnerability is different than the one found at the end of last year (Exploit Action with PDF OpenAction) in Adobe PDF reader. This vulnerability allows the attacker to overwrite memory with executable shell code that uses "Heap Spray" technology in Javascript when parsing a specially crafted JBIG2Decode image object."
Also see: Adobe under fire for poor security response.
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
- Yahoo Includes Private Key in Source File For Axis Chrome Extension
- Researchers Unveil New Way to Trust Certificates
- DNSChanger Lingers: 330k Systems Still Infected, 77,000 In The U.S.
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
- Common Firewall Feature Enables TCP Hijacking Attacks
Most Commented Stories
-
Forget 'Brogrammers,' Women Have The Edge In DEFCON Social Engineering Contest (10)
-
Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops (12)
-
HULK DDoS Tool Smash Web Server, Server Fall Down (4)
-
Facebook Cancellation Malware Disguised As Adobe Update Making Rounds (3)
-
Iranian Students Claim to have Stolen Thousands of Researcher's Records (2)
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
21%
Only connect to password-protected, secure connections
39%
Only use websites with HTTPS
27%
I don’t pay attention to how I access the internet while traveling
13%
Total votes: 70
Follow Threatpost
 |  |  |  |
| Tumblr |
