Tag: Adobe

Heap spraying browsers using Adobe Flash’s ActionScript

It’s been a while since my last post so I thought I’d post this article on heap spraying using Adobe Flash which I have been working on to get a better understanding of the ActionScript language, hopefully it will benefit some readers to test their security layers in their own environment. After analysing some actual…


Adobe Reader X start-up issue with PGP Desktop

In this post I am providing a solution to a problem some of our users had encountered. When users were starting up Adobe Reader X an exception was triggered in process AcroRd32.exe. Observing the crash details the memory addresses was always the same and module was always pgphk.dll. Taking a look at the properties of…


Adobe 0-day vulnerability embedded malware (CVE-2010-1297)

After a week of this 0-day vulnerability being reported a number of posts have been published over the last few days detailing the disassembled malicious flash (swf) file exposing the invalid byte triggering the vulnerability. The vulnerability is caused when handling a “newfunction” instruction by Adobe’s ActionScript Virtual Machine 2 (AVM2). The vulnerability lies in…