Acrobat Acrobat Font Parsing Integer Overflow Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Acrobat Acrobat Font Parsing Integer Overflow Vulnerability
# Published : 2010-08-14
# Author : Ramz Afzar
# Previous Title : Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities
# Next Title : Brazip 9.0 (.zip File) Buffer Overflow (SEH)

From the authors site:

In this article, I'm going to share with you my observations and analysis on recent Adobe Acrobat Font Parsing vulnerability. Source document exists here:

http://securityevaluators.com/files/papers/CrashAnalysis.pdf (page 51-58)

After reading the paper, I started studying the TTF format. After initial research, I wrote this script:

Writeup and proof of concept files included in archive file.

http://www.exploit-db.com/sploits/VA010-003.tgz