[转帖]Acrobat Acrobat Font Parsing Integer Overflow Vulnerability
发表于:
2010-8-15 17:01
3638
[转帖]Acrobat Acrobat Font Parsing Integer Overflow Vulnerability
From the authors site:
In this article, I'm going to share with you my observations and analysis on recent Adobe Acrobat Font Parsing vulnerability. Source document exists here:
09bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4W2j5%4g2J5K9i4c8&6k6i4k6S2L8s2g2S2N6r3!0J5M7#2)9J5k6h3y4G2L8g2)9J5c8X3k6A6L8r3g2K6i4K6u0r3M7r3q4H3k6i4u0K6i4K6u0r3b7%4u0S2M7$3S2m8L8X3q4D9P5i4y4A6M7#2)9J5k6i4m8V1k6R3`.`. (page 51-58)
After reading the paper, I started studying the TTF format. After initial research, I wrote this script:
Writeup and proof of concept files included in archive file.
7ceK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3g2^5M7r3I4G2K9i4c8Q4x3X3c8V1j5W2)9J5k6h3y4G2L8g2)9J5c8Y4y4H3L8r3!0A6N6s2y4Q4x3V1k6h3b7e0l9I4x3q4)9J5k6o6l9H3x3#2)9J5k6i4c8Y4P5R3`.`.
[培训]科锐软件逆向54期预科班、正式班开始火爆招生报名啦!!!
