Business IT - Technology for your business


20 exploitable flaws in Apple's Preview: researcher


A prominent security researcher claims to have found 20 exploitable flaws in Preview, the utility Apple provides in Mac OS X to display PDFs and other file types. He has also found several in mainstream Adobe, Microsoft and open source applications.


Charlie Miller is a security researcher noted for his success in two successive Pwn2Own contests at CanSecWest security conferences, and for demonstrating ways of attacking mobile phones.

In an interview with Forbes, Miller claimed to have found 20 exploitable bugs in Preview, and three or four in each of Adobe Reader, Microsoft PowerPoint, and OpenOffice.

He used a technique called fuzzing - changing a random bit in a document to see if it causes the application to crash - to find nearly 1000 bugs in the programs.

If error checking is done properly as a document is read by an application, there should be no possibility of a crash occurring. Human nature being what it is, programmers rarely cater for every possibility.

Miller examined those 1000-odd crashes, and identified around 30 situations that could be used to take control of the program concerned.
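As an added illustration (not from the article or from Miller's own tooling), the Python example below applies the single-bit-flip fuzzing described above to a constructed toy document format, and compares a parser that trusts its length fields with one that checks every field. The format, `SEED_DOC` and all function names are assumptions made for this example.

```python
import random
import struct

class ParseError(Exception):
    """Clean rejection of a malformed document."""

# Constructed toy format: count byte, then per record a 2-byte length and ASCII body.
SEED_DOC = b"\x02\x00\x05title\x00\x0bhello world"

def parse_unchecked(data):
    # Trusts the record count and every length field (no error checking).
    pos, out = 1, []
    for _ in range(data[0]):
        (n,) = struct.unpack(">H", data[pos:pos + 2])
        out.append(data[pos + 2:pos + 2 + n].decode("ascii"))
        pos += 2 + n
    return out

def parse_checked(data):
    # Validates every field and rejects bad input with ParseError.
    if not data:
        raise ParseError("empty document")
    pos, out = 1, []
    for _ in range(data[0]):
        if pos + 2 > len(data):
            raise ParseError("truncated length field")
        (n,) = struct.unpack(">H", data[pos:pos + 2])
        body = data[pos + 2:pos + 2 + n]
        if len(body) != n or any(b > 0x7F for b in body):
            raise ParseError("bad record body")
        out.append(body.decode("ascii"))
        pos += 2 + n
    if pos != len(data):
        raise ParseError("trailing bytes")
    return out

def fuzz(parser, doc, runs=500, seed=1):
    # Flip one random bit per run; any exception other than ParseError is a crash.
    rng, crashes = random.Random(seed), 0
    for _ in range(runs):
        buf = bytearray(doc)
        bit = rng.randrange(len(buf) * 8)
        buf[bit // 8] ^= 1 << (bit % 8)
        try:
            parser(bytes(buf))
        except ParseError:
            pass  # clean rejection, not a crash
        except Exception:
            crashes += 1
    return crashes
```

Running `fuzz(parse_unchecked, SEED_DOC)` reports a nonzero crash count, while `fuzz(parse_checked, SEED_DOC)` reports none, because every flipped bit is either accepted as valid or rejected cleanly.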
