http://www.milw0rm.com/exploits/6994
-------------------
This exploit is related to CVE-2008-2992.
A boundary error exists when parsing format strings containing a floating point specifier in the "util.printf()" Javascript function. This can be exploited to cause a stack-based buffer overflow via a specially crafted PDF and allows execution of arbitrary code.
Independently discovered by:
* Dyon Balding, Secunia Research.
* Peter Vreugdenhil via ZDI.
It is recommended to upgrade to version Adobe Reader 9 or update to version Adobe Reader 8.1.3 - http://www.adobe.com/support/security/bulletins/apsb08-19.html
No comments:
Post a Comment