Two Bytes to Rule Adobe Reader Twice: The Black Magic Behind the Byte Order Mark — ZeroNights 2019
ZeroNights 2019 | Zeronights 2019 EN | Program En | Two Bytes to Rule Adobe Reader Twice: The Black Magic Behind the Byte Order Mark
Two Bytes to Rule Adobe Reader Twice: The Black Magic Behind the Byte Order Mark
November 13, 13:00|45min|mir hall

Pwn Adobe Reader with malformed strings just like decades ago.

This presentation will discuss the following topics in detail:

  1. Root cause analysis of the vulnerabilities
  2. Methods to discover this kind of vulnerabilities
  3. Tricks to write working exploits for the vulnerabilities

Ke Liu

Ke Liu

Ke Liu is a senior security researcher of Tencent Security Xuanwu Lab. He has found hundreds of vulnerabilities in the world's most popular PDF readers which affect the products of Adobe, Apple, Foxit, Google, and Microsoft. He was one of the nominees of the Pwnie Awards 2017 (Epic Achievement). He once spoke at Black Hat Asia 2017. He successfully pwned Adobe Reader at Tianfu Cup 2018. He's also in MSRC top 100 list in 2016, 2017, and 2018.
Reports
Program
Reports
Program