Malware Domain List
Malware Related => Tools of the trade / Internet News => Topic started by: SysAdMini on October 08, 2009, 07:52:43 pm
-
http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html
-
New Adobe Zero-Day Exploit
http://blog.trendmicro.com/new-adobe-zero-day-exploit/
-
66753CADCB8BD537AF50F2AE92D7627B
-
66753CADCB8BD537AF50F2AE92D7627B
I have tested this sample multiple times in VMWARE using AR 9.1.3. It didn't infect my machine.
AR sometimes crashed, nothing else.
-
So this means it doesnt work for everybody or just for you?
???
FFS, I wish I had a dollar for everytime I jumped the gun like that! :D
-
So this means it doesnt work for everybody or just for you?
???
Someone else reported that it worked in about 10-15 % of his tests.
-
I dont think we ever really kept count, Id say 6 of 10 worked for the setup we had built based on target machines setup.
-
Latest PDF Zero Day Leads to Exploit Egg Hunt
http://www.avertlabs.com/research/blog/index.php/2009/10/13/latest-pdf-zero-day-leads-to-exploit-egg-hunt/
-
Update: PDFiD Version 0.0.9 to Detect Another Adobe 0Day
http://blog.didierstevens.com/2009/10/13/update-pdfid-version-0-0-9-to-detect-another-adobe-0day/
PDFiD is updated to detect the latest Adobe 0day, CVE-2009-3459.
I’ll provide more details in an upcoming post, just now for know that PDFiD detects a /Colors name followed by a very big number (larger than 2^24 or 16777216).
(http://didierstevens.files.wordpress.com/2009/10/pdfid009.png?w=315&h=139)
-
Message from Didier Stevens on Twitter:
Not good! My PoC for CVE-2009-3459 still crashes Adobe Reader 9.2.0. Informed Adobe PSIRT