FW: Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability

[wullie19 at ntlworld.com (rogue)]

Thanks for the sample 
gives me something play with.

-rogue


>   _____
>
> From: webDEViL [mailto:w3bd3vil at gmail.com]
> Sent: Sunday, February 22, 2009 8:22 PM
> To: Aczire
> Cc: H D Moore; framework at spool.metasploit.com
> Subject: Re: [framework] Adobe Acrobat and Reader PDF File Handling 
Remote
> Code Execution Vulnerability
>
>
>
> I was looking into this.
> Just made a pdf which imitates the crash. Problem with the JBIG2 as the
> blog metnions.
> I am attaching the pdf, i.e. if the list lets it through. Should cause a
> crash on most of pdf readers whether linux/windows.
>
> I was stuck with the part where I tried some shellcode execution with JS,
> but since this is 0day acrobat crashes.
>
>
> Regards,
> webDEViL
>
>
>
>
> On Sun, Feb 22, 2009 at 7:44 PM, Aczire <aczire at gmail.com> wrote:
>
> Hi list,
> http://www.securityfocus.com/bid/33751
> http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-
love.html
> Any attempt to write an exploit for this one? Or any msf exploit in wild?
>
> Regards,
> acz
>
> _______________________________________________
> http://spool.metasploit.com/mailman/listinfo/framework