Monday, December 21, 2009

Dec. 21 Adobe 0 Day CVE-2009-4324 PDF Attack of the Day SEF preparatory discussions list 陸委會轉寄 海基會、海協會協商代表團預備性磋商名單 from Mon, 21 Dec 2009 20:37:15 +0800

Download infected pdf 海基會協商代表團預備性磋商名單.pdf as Password protected, please use the same as on other CVE-2009-4324 files or contact me for the password

Yawn.  Here is one more. 

From: macnews []
Sent: Monday, December 21, 2009 7:37 AM
Subject: 陸委會轉寄 海基會、海協會協商代表團預備性磋商名單


__________ Information from ESET NOD32 Antivirus, version of virus signature database 4707 (20091221) __________The message was checked by ESET NOD32 Antivirus.
Here is a terrible machine translation but it is easy to understand that the mailing is fueled by the recent news, namely, the talks between the ARATS  (Association for Relations Across the Taiwan Straits) and SEF (Straits Exchange Foundation)  in Taichung tomorrow, December 22, 2009.

From: macnews [mailto:]
Sent: Monday, December 21, 2009 7:37 AM
Subject: MAC forwarding SEF and ARATS consultations, the delegation of the list of preliminary consultations
Hello, see attached third Consultative SEF and ARATS delegation of the list of preliminary consultations provided for your reference, thank you. 

Received: from [] (
  by with ESMTP;
 Mon, 21 Dec 2009 22:16:35 +0900 (KST)
Message-ID: <1975e5623c$23fce32a$0ae1d8b4@macnews212af2ce2>
From: "macnews"
Subject: =?big5?B?s7CpZbd8wuCxSCCu/LDyt3yhQq78qPO3fKjzsNOlTqrtuc65d7PGqcq9UrDT?=
Date: Mon, 21 Dec 2009 20:37:15 +0800
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579

ISP: Pacnet
Organization: APPCO Pte Ltd
Proxy: None detected
Type: Cable/DSL
State/Region: 00
City: Singapore
Latitude: 1.2931
Longitude: 103.8558

File _________________________________ received on 2009.12.21 22:19:31 (UTC)
Result: 4/40 (10%)
nProtect 2009.1.8.0 2009.12.21 Exploit.PDF-JS.Gen.C02
PCTools 2009.12.21 HeurEngine.MaliciousExploit
Sunbelt 3.2.1858.2 2009.12.21 Exploit.PDF-JS.Gen (v)
Symantec 2009.12.21 Bloodhound.Exploit.288  = CVE-2009-4324 Information from Symantec
Additional information
File size: 127728 bytes
MD5...: 0ab2fd3b6c385049f9eb4a559dbdc8a6 

File 海基會å�”商代表團é �備性磋商å��å–®.pdf
MD5 0ab2fd3b6c385049f9eb4a559dbdc8a6
Analysis Started 2009-12-21 15:35:47
Report Generated 2009-12-21 15:35:55
Jsand version 1.03.02

Detection results
Detector Result
Jsand 1.03.02 malicious
Name Description Reference Use-after-free vulnerability in the method in Adobe Reader and Acrobat 8.0 through 9.2 CVE-2009-4324

No comments:

Post a Comment