A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #24417  by iTeach
 Mon Nov 24, 2014 7:28 am
Hello everyone, I am very fascinated with the CVE-2011-3402 malware. The only resource I have so far is the Black Hat presentation, "GDI Font Fuzzing in Windows Kernel for Fun". I was wondering if you can share the sample TTF (EOT) file or any file that has the font embedded.

The vulnerability is the TrueType Font Parsing Vulnerability.
Here are a few of the samples on VirusTotal:
- SHA256 196c3e10bc46e2b70ef5f9798e41ced89a3a81080310fa299147c18466587033 (https://www.virustotal.com/en/file/196c ... /analysis/)
- SHA256 f7999582407e9c4d94016ddbb9fa0679e0c5b0c12fde18e5983c02aa2c10f7f0 (https://www.virustotal.com/en/file/f799 ... /analysis/)


CVE details can be found at https://cve.mitre.org/cgi-bin/cvename.c ... -2011-3402

Thank you