The other day we got mailed a wave of PDF files aimed at exploiting CVE-2009-0658.
Does anyone have working generic signatures for documents with this exploit in? I've made an MD5 signature* for the particular document we got, & submitted it, but I know there are plenty of other similar documents out there... and I can't see how to make a generic signature myself without unpacking the PDFs with pdftk first. Cheers, Adam. * That's c8cab28e550f60468099f60a0b6ccb81 -- -------------------------------- Adam Stephens Network Specialist - Email & DNS adam.steph...@bristol.ac.uk _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
