Dailydave mailing list archives
JBIG falls without JavaScript
From: dave <dave () immunityinc com>
Date: Tue, 03 Mar 2009 14:06:40 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Downloadable here, for those of you with CANVAS Early Update Subscriptions: http://www.immunityinc.com/ceu-index.shtml So things like this are harder than they look - Pablo and Kostya had to work quite a bit on reliability every step of the way. But the Acrobat JBIG exploit now works nicely without any JavaScript heap spray. For those of you with the exploit that was caught in the wild, how reliable is that one? What versions of Acrobat Reader does it work on? - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmtf8AACgkQtehAhL0gheoN+ACfcEPl1ADGcc9ouGVhgeR46qFe dl8AniOrku/5H/WfNMug95zN4LwS7XIt =CE+o -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- JBIG falls without JavaScript dave (Mar 03)
- Re: JBIG falls without JavaScript Pusscat (Mar 03)
- Re: JBIG falls without JavaScript Thorsten Holz (Mar 06)
- Re: JBIG falls without JavaScript dave (Mar 06)