funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Adobe 0-day in the wild

From: nick hatch <nicholas.hatch () gmail com>
Date: Mon, 23 Feb 2009 15:32:39 -0800
On Mon, Feb 23, 2009 at 1:56 PM, Dragos Ruiu <dr () kyx net> wrote:



On 23-Feb-09, at 1:16 PM, nick hatch wrote:

Anyone know about a proof-of-concept PDF for this one? eg something that
uses a PDF to launch calc or similar. AV vendors are promising detection,
but I'd love to get my hands on something that I can use to test our
perimeter and the vectors for this myself.


Are you talking about last week's Adobe PDF 0day, or this morning's one?

http://milw0rm.com/exploits/8099



I was thinking last week's, but they both would be handy. Can anyone comment
more on the relationship between the exploits? They sound quite similar, and
AFAIK there still aren't many details on the former besides Shadowserver
saying "yup we confirmed it."

Do they both depend on JBIG2?

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: