[转帖]Acrobat Acrobat Font Parsing Integer Overflow Vulnerability
发表于:
2010-8-15 17:01
[转帖]Acrobat Acrobat Font Parsing Integer Overflow Vulnerability
From the authors site:
In this article, I'm going to share with you my observations and analysis on recent Adobe Acrobat Font Parsing vulnerability. Source document exists here:
http://securityevaluators.com/files/papers/CrashAnalysis.pdf (page 51-58)
After reading the paper, I started studying the TTF format. After initial research, I wrote this script:
Writeup and proof of concept files included in archive file.
http://www.exploit-db.com/sploits/VA010-003.tgz
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
