Readme updated

1 parent 37ae458 commit 06875bf7759ca3fb3313b4f14087e5e3f2530cfc @Cr4sh committed Jun 12, 2012
Showing with 8 additions and 0 deletions.
  1. +8 −0 README.TXT
8 README.TXT
@@ -31,3 +31,11 @@ EXAMPLE:
See Release\BrushScriptStd_Fuzzing.bat - you can run this scenario to start fuzzing with the Brush Script Std Regular font.
+This fuzzer helps me to find remote (client-side) DoS 0day vulnerability in Windows kernel, with invalid decoding of 0x0d byte in the Type 2 Charstring Format Glyph, that drops ATMFD.DLL code into the infinite loop.
+
+PoC code: http://dl.dropbox.com/u/22903093/blog/CFF_Type-1_0x0d_expl/CFF_Type-1_0x0d_expl.rar
+
+Detailed analysis (russian): http://blog.cr4.sh/2012/06/0day-windows.html
+
+
+
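Review bot: The "PoC code:" line added to README.TXT links to a Dropbox-hosted .rar with no checksum or version next to it, so a reader cannot verify what they download and the reference breaks if the file is moved or replaced. Consider committing the sample font to the repository, or at least publishing a hash beside the URL. The description of the ATMFD.DLL infinite loop does not say which Windows versions or font driver builds were tested, which a reader needs to judge exposure. The only detailed analysis linked is in Russian, so a short English summary of the 0x0d charstring decoding issue in the README would help. Wording: "helps me to find remote (client-side) DoS 0day vulnerability" reads better as "helped me find a remote (client-side) DoS 0day vulnerability". The three trailing blank added lines at the end of the hunk can be dropped.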
