It appears that the first Milw0rm PoC is surely related to JBIG2, US-CERT's http://www.kb.cert.org/vuls/id/905281 points to Milw0rm's #8090.
Juha-Matti nick hatch [[email protected]] kirjoitti: > On Mon, Feb 23, 2009 at 1:56 PM, Dragos Ruiu <[email protected]> wrote: > > > > > On 23-Feb-09, at 1:16 PM, nick hatch wrote: > > > > Anyone know about a proof-of-concept PDF for this one? eg something that > > uses a PDF to launch calc or similar. AV vendors are promising detection, > > but I'd love to get my hands on something that I can use to test our > > perimeter and the vectors for this myself. > > > > > > Are you talking about last week's Adobe PDF 0day, or this morning's one? > > > > http://milw0rm.com/exploits/8099 > > > > I was thinking last week's, but they both would be handy. Can anyone comment > more on the relationship between the exploits? They sound quite similar, and > AFAIK there still aren't many details on the former besides Shadowserver > saying "yup we confirmed it." > > Do they both depend on JBIG2? > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
