(Collaborative post by Mateusz “j00ru” Jurczyk and Gynvael Coldwind)

Several months ago, we started an internal Google Security Team effort to improve the general security posture of the Chrome embedded PDF reader, in an approach similar to the Flash fuzzing performed several months ago by Tavis Ormandy. During the course of a few weeks, we built a solid corpus of PDF documents that we feel gets significant coverage of the Chrome PDF Reader’s code base and used it to shake out more than 50 low-to-high severity bugs. All of the high and critical severity bugs we discovered have been fixed in the stable channel [1] [2] [3] as of this posting; see examples: ...

Pełen post dostępny po angielskiej stronie lustra: click.

Comments:

2012-08-15 10:34:29 = are you sure ?
{
PDFł ?
}
2012-08-15 11:01:15 = Gynvael Coldwind
{
@are you sure ?
Ahahaha +1 :)
Dzieki, poprawione :)
}

Add a comment:

Nick:
URL (optional):
Math captcha: 1 ∗ 10 + 10 =