Santosh Mallappa

Santosh Mallappa's entries

Junior Malware Analyst

He has 2 years of experience from analyzing malware for antivirus companies.

Adobe Reader PDF LibTiff Integer Overflow Code Execution Commento [2]

Santosh Mallappa April 22, 2010

Abstract

Vulnerability exists in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 where TIFF [Tagged Image File Format] is used to compile a PDF with shellcode which can do an arbitrary code execution making the host vulnerable. The twist is this does not use Java Script to do the exploit as we have seen for the past few days PDF Exploit mostly contains Java Script. After the exploit is done shellcode is executed triggering the malicious Trojan implanted in the system overriding the…

Ulteriori informazioni

Blog tags: Malware, Vulnerabilities / Exploits

Spam (10)

Vulnerabilities / Exploits (33)

Blog archive

August 2011 (1)

June 2011 (1)

May 2011 (2)

April 2011 (5)

March 2011 (5)

February 2011 (4)

January 2011 (11)

December 2010 (8)

November 2010 (5)

October 2010 (3)

September 2010 (5)

August 2010 (5)

July 2010 (3)

June 2010 (12)

May 2010 (5)

April 2010 (2)

March 2010 (2)

February 2010 (1)

January 2010 (2)

December 2009 (1)

October 2009 (5)

September 2009 (4)

August 2009 (1)

June 2009 (1)

May 2009 (3)

April 2009 (2)

March 2009 (8)

February 2009 (4)

January 2009 (2)

November 2008 (6)

October 2008 (5)

RSS FEEDS

Latest Security articles

Latest Blog items