Full Disclosure mailing list archives
Re: On the iPhone PDF and kernel exploit
From: Jose Miguel Esparza <jesparza () eternal-todo com>
Date: Fri, 06 Aug 2010 17:29:29 +0200
Robert S'wie;cki escribió:
<cite>"At the moment there's no available patch so it's recommended some type of mitigation and to be careful with the visited links"....</cite> The fix seems to be here: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=11d65e8a1f1f14e56148fd991965424d9bd1cdbc (http://www.kb.cert.org/vuls/id/275247) I wonder if this was in any way inspired by my previous bugreport in June (the same piece of code, slightly different attack vector). https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2497 http://savannah.nongnu.org/bugs/index.php?30083 Maybe, maybe not..
I'll update my post, because the day I published it there was no clues about this vuln... Thanks! -- Jose Miguel Esparza http://eternal-todo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: On the iPhone PDF and kernel exploit, (continued)
- Re: On the iPhone PDF and kernel exploit Zach C (Aug 04)
- Re: On the iPhone PDF and kernel exploit Pablo Ximenes (Aug 04)
- Re: On the iPhone PDF and kernel exploit Marcello Barnaba (void) (Aug 04)
- Re: On the iPhone PDF and kernel exploit Ryan Sears (Aug 05)
- Re: On the iPhone PDF and kernel exploit Sabahattin Gucukoglu (Aug 05)
- Re: On the iPhone PDF and kernel exploit Mario Vilas (Aug 05)
- Re: On the iPhone PDF and kernel exploit Benji (Aug 05)
- Re: On the iPhone PDF and kernel exploit Sagar Belure (Aug 05)
- Re: On the iPhone PDF and kernel exploit Jose Miguel Esparza (Aug 06)
- Re: On the iPhone PDF and kernel exploit Robert Święcki (Aug 06)
- Re: On the iPhone PDF and kernel exploit Jose Miguel Esparza (Aug 06)
- Re: On the iPhone PDF and kernel exploit Jose Miguel Esparza (Aug 24)