Metasploit mailing list archives

adobe

From: w3bd3vil at gmail.com (webDEViL)
Date: Wed, 18 Mar 2009 02:51:19 +0530

Assigning 800mb wouldn't make the exploit work any better.
After my analysis, "I" do not think that this can be exploited reliably.
I believe the analysis you posted as well states the same thing. :)

Regards,
webDEViL

On Wed, Mar 18, 2009 at 1:04 AM, Nicolas Krassas <krasn at ans.gr> wrote:

 rogue, here are some more links maybe you will find something in there

http://rootof.info/800mb.pdf this one should open calc.exe and use ... 800
mb from the memory , was this also
http://securitylabs.websense.com/content/Blogs/3311.aspx mentioned earlier
?

Also the current exploit is downloading a file from
http://202.67.215.110/caonimabi.exe

according to
http://blog.didierstevens.com/2009/03/04/quickpost-jbig2decode-trigger-trio/ and
finally


http://www.secureworks.com/research/blog/index.php/2009/3/10/analysis-of-cve-2009-0658-adobe-reader-0day/ for
a detailed approach.

Sorry for double links ... bad habbit of deleting e-mails and then replying


Dinos

_______________________________________________
http://spool.metasploit.com/mailman/listinfo/framework

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090318/3301dec8/attachment.htm>

Current thread:

typo3 sa-2009-002 metasploit auxiliary spinbad (Mar 14)
- typo3 sa-2009-002 metasploit auxiliary H D Moore (Mar 14)
- adobe Nicolas Krassas (Mar 17)
  - adobe webDEViL (Mar 17)