Via 9bplus.com (Brandon Dixon) -
Before I went to bed last night I took a look at uploaded files to PDF X-RAY in hopes that Christmas would come early (CVE-2011-2462 in my reports) and was surprised when I came across a file with /U3D references. I snatched the file off the server, opened up my snapshots to the latest 9.4 build of Adobe and ran the file. Reader crashed, and a new document was successfully opened. That was enough to stay up, so analysis started and can be found below.
Read the full analysis by Brandon @ 9bplus.com
--------------------------------------
Mila Parkour also links to Brandon's analysis and adds additional information over at Contagio.
No comments:
Post a Comment