Monday, January 25, 2010

Jan 25 CVE-2009-4324 / CVE-2007-5659.+ Senate Hearing Mon, 25 Jan 2010 08:26:21 -0500

Download F40376D0C1EB19A7774D32D6229D0465-_Principles_of_U.S._Engagement_in_Asia.pdf as a password protected archive (contact me for the password, if you need it) 

 Our friends are back to work

-----Original Message-----
From: John Podesta []
Sent: 2010-01-25 8:26 AM
Subject: Senate Hearing


Please find a brief summary attached from the Senate Foreign Relations hearing on U.S. engagement in Asia. If you have any questions, let me know.



-- - Does exactly what it says on the tin

Received: from ([])
  by compute2.internal (MEProxy); Mon, 25 Jan 2010 08:26:21 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;; h=message-id:from:to:mime-version:content-transfer-encoding:content-type:subject:date; s=smtpout; bh=ng4E/QdtxV52NTUAT6gbX2Ew3F4=; b=E+0YqT6P96wnUiPL1KNReFQgdedM7m6qy+gJ9TmcrB5CXkmeEUkmXwXcdbosmxc718UjqekIHDjBLh7KmoKv7xMIwCbbc66R331JAEDidLAZPmsirzfyOibUOomr0UBbgZQPCBblE9CyDLpS+JeeQkn39Yr/2BAlL+C6EGqBxEY=
Received: by (Postfix, from userid 99)
    id 4BBFC13C6D4; Mon, 25 Jan 2010 08:26:21 -0500 (EST)
Message-Id: <>
X-Sasl-Enc: 288Nt5DLYAY30Gwky/FEfHiS1HJH/n/PNyw8xtVHdQO/ 1264425981
From: "John Podesta" << fake
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_126442598138531"
X-Mailer: Webmail Interface
Subject: Senate Hearing
Disposition-Notification-To: "John Podesta"
Date: Mon, 25 Jan 2010 05:26:21 -0800

File Principles_of_U.S._Engagement_in_ received on 2010.01.25 17:21:36 (UTC)
Result: 4/40 (10.00%)
AntiVir 2010.01.25 HTML/Malicious.PDF.Gen
eSafe 2010.01.25 PDF.Exploit
McAfee-GW-Edition 6.8.5 2010.01.25 Script.Malicious.PDF.Gen
NOD32 4805 2010.01.25 PDF/Exploit.Gen
Additional information
File size: 148870 bytes
MD5   : f40376d0c1eb19a7774d32d6229d0465

File Principles of U.S. Engagement in Asia.pdf
MD5 f40376d0c1eb19a7774d32d6229d0465
Analysis Started 2010-01-25 09:28:27
Report Generated 2010-01-25 09:29:33
Jsand 1.03.02 malicious Use-after-free vulnerability in the method in Adobe Reader and Acrobat 8.0 through 9.2 CVE-2009-4324
EXECUTABLE SCAN: Embedded Executable (xor/full)
Encrypted embedded executable with a key of 256 bytes.
Exploit method detected as pdfexploit - PDF Exploit call to Collab.collectEmailInfo CVE-2007-5659.
Confidence ranking: 100 (14 hits).
PDF Exploit suspicious use of util.printd CVE-2008-2992 [util.printd]

No comments:

Post a Comment