A Castle Made Of Sand: Adobe Reader X Sandbox presented at Hackito Ergo Sum 2011

by Richard Johnson (Sourcefire ),

Tags: Security

Summary : Adobe Reader is one of the most widely installed software applications on the planet. The vast complexity of the PDF format results in a huge attack surface that has lead to a high number of vulnerabilities. Adobe has decided the best approach to combat this exposure is to integrate mitigations into Adobe Reader in the form of a sandbox. A sandbox is intended to limit an attacker after they have gained code execution in the process through an exploit. This talk will dissect the Adobe sandbox technology and expose weaknesses in the design and implementation including ASLR & DEP bypass, data exfiltration abilities, and more.