Well I've been busy, AFA 2009 CyberSpace Symposium, tracking down cool crashes, booking DefCon travel, and my job (herding cats at Sourcefire World Domination HQ). But better late than never right?

June 9th, Adobe released


Which was described as

"This update resolves a memory corruption vulnerability that could potentially lead to code execution (CVE-2009-1859)."

This was the bug found during my DojoSec talk back in April, which was entitled: 1 Byte , 5 Minutes , Holy Hot Tuna (see it here: http://vimeo.com/4110571. This bug was really more like "1 Byte, 9 Minutes, this looks really difficult to make reliable."

Additionally it's covered by Snort Rule SID 15562