- CVE-2009-4324 Use-after-free vulnerability in the Doc.media.newPlayer method in Adobe Reader and Acrobat 8.0 through 9.2, and possibly earlier versions, allows remote attackers to execute arbitrary code using ZLib compressed streams, as exploited in the wild in December 2009.
Sent: 2010-01-21 9:44 AM
Subject: Cyber Warfare and Cyber Terrorism
Dear Initiative Working Group member,
We hope that you find this report thought-provoking, and look forward to receiving your comments at any time. We also apologize if you have already received this report.
Hope it will be help for your work and also your suggestions will be appreciated.
Director, Initiative for U.S.-China Cooperation on Energy and Climate
Asia Society, Center for U.S.-China Relations
1575 Eye St., NW, Suite 325
Washington, D.C., 20005
Phone: (202) 414-2802 (o); (571) 276-1020 (m)
File Cyber_Warfare_and_Cyber_Terrorism received on 2010.01.21 17:49:00 (UTC)
Result: 8/41 (19.51%)
AntiVir 188.8.131.52 2010.01.21 HTML/Malicious.PDF.Gen
Avast 4.8.1351.0 2010.01.21 JS:Pdfka-VO
AVG 184.108.40.2060 2010.01.21 Script/Exploit
GData 19 2010.01.21 JS:Pdfka-VO
Kaspersky 220.127.116.11 2010.01.21 Exploit.JS.Pdfka.bex
McAfee 5867 2010.01.20 Exploit-PDF.b.gen
McAfee+Artemis 5867 2010.01.20 Exploit-PDF.b.gen
McAfee-GW-Edition 6.8.5 2010.01.21 Script.Malicious.PDF.Gen
File size: 435947 bytes
MD5 : cb92ceff7d73c3ec002cd42165685aa1
File Cyber Warfare and Cyber Terrorism.pdf
Analysis Started 2010-01-21 10:11:26
Report Generated 2010-01-21 10:11:30
Jsand 1.03.02 benign
Cyber Warfare and Cyber Terrorism.pdf:
EXECUTABLE SCAN: Embedded Executable (xor/full)
Encrypted embedded executable with a key of 256 bytes.
Exploit method detected as pdfexploit - PDF Exploit call to media.newPlayer CVE-2009-4324.
Confidence ranking: 100 (10 hits).