|
From: | Nala Ginrut |
Subject: | Re: Verifying Toolchain Semantics |
Date: | Mon, 6 Oct 2014 16:25:04 +0800 |
On Sun, Oct 5, 2014 at 11:15 AM, Nala Ginrut <address@hidden> wrote:
>
> Alright, I changed a system and try it again with evince successfully.
> Anyway, I did't find any maths or special symbols in it, so it could be
> published on your blog as plain text. But you may insist on the opinion of
> PDF.
There is another reason why I use PDF. It's much nicer to read. I love
Garamond. Did you see the Jobs movie? Do you remember what he said
about Garamond?
What we really need to do is find out what software Mark was using to
pdf->png. If it segfaults then there is a good chance that that bug
can be turned into a working exploit. Because all binaries distributed
by the binary-distributors are identical, attackers can analyse the
file and work out how to turn a bad pointer dereference into an
exploitable "PDF attack vector" which executes binary code contained
in the PDF.
[Prev in Thread] | Current Thread | [Next in Thread] |