[Mimedefang] PDF vulnerability
shiva at sewingwitch.com
Tue Feb 24 18:27:08 EST 2009
--On Tuesday, February 24, 2009 2:42 PM -0500 "Kevin A. McGrail"
<kmcgrail at pccc.com> wrote:
> I don't know. I don't think many people have much information about the
The blog link I posted earlier indicates that it's the jbig2 decompression
code that fails with a crafted jbig2 object, and shows how to trigger it.
object is decompressed, it crashes into the code. So even if you disable
JS, you still get a crash, just not an easy way to get it to jump to code
the attacker controls.
The patch (in the form of a replacement DLL) addresses the bug in the
decompresser, and causes a popup error message, instead.
More information about the MIMEDefang