Jan 3 2009 CVE-2009-4324 PDF DoD UAS ATC Procedures from matthew.s.allen2@gmail.com Sun, 3 Jan 2010 22:46:25 -0600

CVE-2008-0655 Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.  
Update Aug26 (thanks to Jericho - Attrition.org)

CVE-2009-4324 Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

Download DoD_UAS_Class_D_Procedures.pdf as 115A25093CB9062CC155508CDF878ACE-DoD_UAS_Class_D_Procedures.zip (password protected archive, please contact me for the password)

From: Allen, Matthew S Maj MIL USAF AF/A3O-AS [mailto:matthew.s.allen2@gmail.com]
Sent: Sunday, January 03, 2010 11:46 PM
Subject: 2009 DoD UAS ATC Procedures


Enclosed are revised ATC procedures for DOD Non-Joint-Use Airfields with associated Class D Airspace to operate DOD Unmanned Aircraft Systems for Service use effective on January 21, 2009. Please feel free to contact COL Robert Hess, who chaired the DOD UAS ATC procedures working group, at (703)806-4862, with any questions.


Signed; 04 Jan 10
Allen, Matthew S Maj
USAF AF/A3O-AS
DSN:703-697-8035

 The message sender was
    matthew.s.allen2@gmail.com
The message originating IP was 209.85.223.196 The message recipients were
xxxxxxxxxxxx
The message was titled 2009 DoD UAS ATC Procedures The message date was Sun, 3 Jan 2010 22:46:25 -0600 The message identifier was <9ae646dc1001032046i4f73e0cl8d6f3751020f0880@mail.gmail.com>
attach/5963820_3X_PM5_EMS_MA-PDF__DoD=5FUAS=5FClass=5FD=5FProcedures=5F=28signed=29.pdf: Infected: Exploit.JS.Pdfka.adn [AVP]


Virustotal
 http://www.virustotal.com/analisis/1769c9eb8fdb4942176ca2172de118df294ae785c03cca70bd6fee0c74dad2ce-1262924110

CVE-2009-4324  - Update Aug 26, 2010

 http://www.virustotal.com/analisis/1769c9eb8fdb4942176ca2172de118df294ae785c03cca70bd6fee0c74dad2ce-1274670528
File DoD_UAS_Class_D_Procedures__signe  received on 2010.05.24 03:09:12 (UTC)
Result: 24/41 (58.54%)
Antivirus     Version     Last Update     Result
a-squared    4.5.0.50    2010.05.10    Exploit.JS.Pdfka!IK
AhnLab-V3    2010.05.23.00    2010.05.22    PDF/Exploit
AntiVir    8.2.1.242    2010.05.23    EXP/Pidief.244965
Authentium    5.2.0.5    2010.05.23    PDF/Expl.GQ
BitDefender    7.2    2010.05.24    Exploit.PDF-JS.Gen
CAT-QuickHeal    10.00    2010.05.21    Exploit.PDF.FlateDecode
ClamAV    0.96.0.3-git    2010.05.22    Exploit.PDF-6260
Comodo    4927    2010.05.24    UnclassifiedMalware
DrWeb    5.0.2.03300    2010.05.24    Exploit.PDF.687
eTrust-Vet    35.2.7503    2010.05.21    PDF/Pidief.G!generic
F-Prot    4.6.0.103    2010.05.23    PDF/Pidief.BO
F-Secure    9.0.15370.0    2010.05.23    Exploit.PDF-JS.Gen
GData    21    2010.05.24    Exploit.PDF-JS.Gen
Ikarus    T3.1.1.84.0    2010.05.24    Exploit.JS.Pdfka
Kaspersky    7.0.0.125    2010.05.23    Exploit.JS.Pdfka.adn
McAfee    5.400.0.1158    2010.05.24    Exploit-PDF.b
McAfee-GW-Edition    2010.1    2010.05.23    Exploit-PDF.b
Microsoft    1.5802    2010.05.24    Exploit:JS/Heapspray
Norman    6.04.12    2010.05.23    JS/Shellcode.HQ
nProtect    2010-05-23.01    2010.05.23    Exploit.PDF-JS.Gen
PCTools    7.0.3.5    2010.05.24    Trojan.Pidief
Sophos    4.53.0    2010.05.24    Troj/PDFJs-GQ
Sunbelt    6346    2010.05.24    Trojan.PDF.Pidief.b (v)
Symantec    20101.1.0.89    2010.05.24    Trojan.Pidief
Additional information
File size: 890083 bytes
MD5...: 115a25093cb9062cc155508cdf878ace


Wepawet
benign
http://wepawet.cs.ucsb.edu/view.php?hash=115a25093cb9062cc155508cdf878ace&type=js