Hi, When I was reading the report about Charlie Miller's fuzzing experiment in PDF[1], I am quite eager to see all his crashes[2], to confirm whether they are covered by my recent PDF-specific exploitation research.
Feel free to have a general idea about the research in following blog post. It also involves a PDF zero-day (working exploit), but it won't be the key part right now. http://blog.fortinet.com/the-upcoming-blackhat-europe-2010-presentation/ [1] http://garwarner.blogspot.com/2010/04/pwn2own-fuzzing.html [2] http://infosecevents.net/wp-content/uploads/2010/03/IMG_7909.jpg _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
