Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability

Symantec captured an attempt to exploit this issue as a part of a targeted attack in the wild via 'Trojan.Pidief.E'.

A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following commercial exploit is available for Immunity CANVAS:

https://www.immunityinc.com/downloads/immpartners/acrobat_jbig.tar.gz

The following proofs of concept and exploit are available:


 

Privacy Statement
Copyright 2010, SecurityFocus