Bugtraq mailing list archives
Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow
From: "Eric C. Lukens" <eric.lukens () uni edu>
Date: Wed, 25 Mar 2009 14:20:40 -0500
I noticed that as well, but suspected they were notified via more then one mechanism or had already found the bug internally. I find it funny that they had the final code ready on the 28th, but still didn't get it out to the public for another 2 weeks. I suppose they ran it through one last QA procedure, or they just don't like to deliver things early.
-Eric -------- Original Message --------Subject: Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow
From: Florian Weimer <fw () deneb enyo de> To: Secunia Research <remove-vuln () secunia com> Cc: bugtraq () securityfocus com Date: 3/25/09 11:42 AM
* Secunia Research:====================================================================== 5) SolutionUpdate to version 7.1.1, 8.1.4, or 9.1.====================================================================== 6) Time Table06/03/2009 - Vendor notified. 07/03/2009 - Vendor response. 25/03/2009 - Public disclosure.Something doesn't add up because the 9.1 binary I've got was created on February 28th, according to Verisign's time stamping signature in the Authenticode signature.
-- Eric C. Lukens IT Security Policy and Risk Assessment Analyst ITS-Network Services Curris Business Building 15 University of Northern Iowa Cedar Falls, IA 50614-0121 319-273-7434
Current thread:
- Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Secunia Research (Mar 25)
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Florian Weimer (Mar 25)
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Eric C. Lukens (Mar 25)
- Re[2]: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Vladimir '3APA3A' Dubrovin (Mar 25)
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Eric C. Lukens (Mar 25)
- Re: Secunia Research: Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow Florian Weimer (Mar 25)