Adobe Acrobat pushstring Memory Corruption paper

Published: 2010-09-12. Last Updated: 2010-09-12 20:32:33 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
1 comment(s)

Abysssec posted a very interesting paper analyzing the pushstring memory corruption vulnerability (CVE-2010-2201).

Read the paper at http://www.exploit-db.com/download_pdf/14983. Original Adobe advisory at http://www.adobe.com/support/security/bulletins/apsb10-15.html 

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

Keywords: Adobe Acrobat CVE20102201
1 comment(s)

Comments

And the paper analyzing a pdf exploit is posted in a pdf! I hope everyone is using gpdf or sumatra. It used to be we spent a lot of time testing and patching MS OSs. Now we could consume all our time just patching adobe acrobat and flash (and verifying flash removed the older vulnerable version). I wish I could eliminate these product but they seem to become more ubiquitous. Is it time to go back to txt and html only?

Rodger

Sep 13th 2010
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives