MOAB-06-01-2007: Multiple Vendor PDF Document Catalog Handling Vulnerability
The current PDF specification is affected by a design flaw: a rogue Pages entry or malicious catalog dictionary could cause a denial of service (memory corruption condition, memory leakage, etc) or potential arbitrary code execution in the reader application.
Further information:
One of those issues you "
can't" find with so-called
fuzzing, but instead reading
the format specification... KIBO. Tomorrow is Digest Day, stay tuned for the hate e-mail, hilarious comments, feedback and drama.
Link to MOAB-06-01-2007: Multiple Vendor PDF Document Catalog Handling Vulnerability