Full Disclosure mailing list archives
Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox
From: Rohit Patnaik <quanticle () gmail com>
Date: Tue, 13 Oct 2009 19:45:23 -0500
Are there any available workarounds that would mitigate the threat? I suppose I could just upload all my PDFs to Google Docs in the meantime, but I'm looking for something that I could use while offline... --Rohit Patnaik On Tue, Oct 13, 2009 at 7:35 PM, mrx <mrx () propergander org uk> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 No, I installed latest updates prior to testing. They should be aware of this however considering what appear to be striking similarities in the code base between Foxit and Adobe readers, at least as far as shared bugs go. If not they will be aware of this after they read the email I sent them. MrX Rohit Patnaik wrote:Has Foxit released an update for this? --Rohit Patnaik On Tue, Oct 13, 2009 at 6:40 PM, mrx <mrx () propergander org uk> wrote: It would appear that Foxit reader version 3.1.1.0928 is also vulnerable to this memory corruption flaw. Foxit reader was also vulnerable to the JPEG2000/JBIG2 decoder bug. Makes me wonder how much code is common to both Adobes and Foxits PDF readers MrX Berend-Jan Wever wrote:Adobe bulletin: http://www.adobe.com/support/security/bulletins/apsb09-15.html Short description and repro case:http://skypher.com/index.php/2009/10/13/memory-corruption-when-loadingunloading-adobe-objects-through-embed-tag-in-firefox/Cheers, SkyLined <http://skypher.com/index.php/2009/10/13/memory-corruption-when-loadingunloading-adobe-objects-through-embed-tag-in-firefox/Berend-Jan Wever <berendjanwever () gmail com> http://skypher.com/SkyLined----------------------------------------------------------------------_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBStUc0LIvn8UFHWSmAQIITggAxL/oV6LGNuqfXj59xbV3fLAdh/6aeE7I hna0TysRDSi/bN+lE/JLyh+F8WDdr/uNb4Kzc+mTEd5vVqTp2Qlw5ctkQu9AcCxn Gk9khwhgRkxYfE/DF9RsFluRMacEaYMUNuectMz+ViCiLhYiLSBrcN9N6khSBIHZ o8ttvZBlt9ovlIu08dmuexcIVpIax8SHJj+lPWtuuRYNw/PB02hu3Pnm839nP0cD o8ZQPXkG7zvVgBVdMoVCGLWkMgw1T9P73+32TqTC7aAuY9mwRWhG3o2LZo+/Iicl Z/uIBT74SWzWZOdhzwdQdlXpmKXad1A8W7XxqfFLhea6WYmbj/MzHg== =bPXc -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Berend-Jan Wever (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Rohit Patnaik (Oct 13)
- Message not available
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Rohit Patnaik (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox Rohit Patnaik (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx (Oct 13)
- Re: Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox mrx (Oct 13)