首頁 > Exploits > CVE-2010-0188, APSB10-07 PDF Exploit demonstration

CVE-2010-0188, APSB10-07 PDF Exploit demonstration

2010年2月24日 發表評論 閱讀評論

Adobe Reader has been recently updated to version 9.3.1, fixing a vulnerability for LibTiff  "TIFFReadDirectory" function.

This vulnerability originated from  CVE-2006-3459 was reported by Tavis Ormandy, Google Security Team. Adobe just fixed AcroForm.api file ,but ImageConversion.api still have a vulnerability too.

When program load or insert a crafted TIFF image file,the stack of return-addr and SEH can be overflowed by bad fetching data operation.

Categories: Exploits Tags:
  1. ZAREMA
    2010年3月20日12:39 | #1
    回覆 | 引用

    Thanks the author for article. The main thing do not forget about users, and continue in the same spirit.

    [回應]

  1. 2010年2月25日09:16 | #1
    Why even BOTHER reporting bugs to vendors? at The Hacker News Network
  2. 2010年2月26日23:25 | #2
    Happy Friday! | Information Armor