February 26, 2009, 10:57AM
Adobe PDF exploit code analysis
Comment Websense researcher Hermes Li has posted a blow-by-blow walkthrough (with screenshots) of the Adobe Acrobat/Reader vulnerability that's currently under attack.
Excerpt from the blog post:
"This vulnerability is different than the one found at the end of last year (Exploit Action with PDF OpenAction) in Adobe PDF reader. This vulnerability allows the attacker to overwrite memory with executable shell code that uses "Heap Spray" technology in Javascript when parsing a specially crafted JBIG2Decode image object."
Also see: Adobe under fire for poor security response.
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
Most Commented Stories
-
Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit (8)
-
Twenty Something Asks Facebook For His File And Gets It - All 1,200 Pages (56)
-
Phony Temple Run Game For Android Plays On Android-iOS App Gap (3)
-
How Offensive Research Drives Down the Cost of Attacks (2)
-
Google Begins Security Review Process for Android Apps (2)
Newsletter Sign-up
Take Our Poll
Follow Threatpost
 |  |  |  |
| Tumblr |
