
I bloody called it

12 August 2010

From Apple patches iOS PDF flaw that allowed Web-based jailbreak:

A flaw in the open source FreeType library, used by iOS’s PDF rendering engine, could result in a stack buffer overflow when handling CFF font data. A specially crafted PDF, such as the one at jailbreakme.com, could exploit the flaw to execute arbitrary code.

I linked to Why NoScript Blocks Web Fonts in March which said this here thing:

It really worries me that the FreeType font library is now being made to accept untrusted content from the web.

The library probably wasn’t written under the assumption that it would be fed much more than local fonts from trusted vendors who are already installing arbitrary executables on a computer, and it’s already had a handful of vulnerabilities found in it shortly after it first saw use in Firefox.

FreeType is used in Firefox, all Linux desktops, iOS and more. It’s not designed for this kind of exposure to the open web, whether via PDFs or @font-face. We’re going to see this attack vector again.
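The bug class behind the patched flaw (a length field read from untrusted font data and trusted when copying into a fixed-size stack buffer) is easy to show in miniature. The following is an added example, not code from FreeType or from this post; the record format it parses is a constructed toy, not real CFF, and the buffer size and sample blobs are made up for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Constructed toy format (NOT real CFF): a blob of records, each
 * [1-byte length][length bytes of name]. Each name is copied into a
 * fixed-size stack buffer, the pattern that overflows when the length
 * field is taken at face value. */
#define NAME_BUF 32

enum parse_status { PARSE_OK = 0, PARSE_TOO_LONG = -1, PARSE_TRUNCATED = -2 };

/* Returns the number of records parsed (>= 0) or a negative parse_status.
 * A parser written for "local fonts from trusted vendors" would skip
 * both checks below; a parser facing the open web cannot. */
int parse_records(const uint8_t *blob, size_t blob_len)
{
    size_t pos = 0;
    int count = 0;

    while (pos < blob_len) {
        uint8_t len = blob[pos++];
        char name[NAME_BUF];

        /* Check 1: the claimed length must leave room for the NUL in the
         * destination. Without it, memcpy writes past 'name' on the stack. */
        if (len >= NAME_BUF)
            return PARSE_TOO_LONG;

        /* Check 2: the claimed length must not run past the end of the
         * input (pos <= blob_len here, so the subtraction cannot wrap). */
        if (len > blob_len - pos)
            return PARSE_TRUNCATED;

        memcpy(name, blob + pos, len);
        name[len] = '\0';
        pos += len;
        count++;
    }
    return count;
}

/* Constructed samples: one well-formed blob and two malformed ones. */
static const uint8_t good_blob[]      = { 5, 'A', 'r', 'i', 'a', 'l', 3, 'F', 'o', 'o' };
static const uint8_t oversize_blob[]  = { 200, 'x' };      /* claims 200 bytes */
static const uint8_t truncated_blob[] = { 5, 'A', 'r' };   /* claims 5, has 2 */

int main(void)
{
    printf("good:      %d\n", parse_records(good_blob, sizeof good_blob));
    printf("oversize:  %d\n", parse_records(oversize_blob, sizeof oversize_blob));
    printf("truncated: %d\n", parse_records(truncated_blob, sizeof truncated_blob));
    return 0;
}
```

The two checks are independent: the first protects the stack buffer, the second protects against reading beyond the input, and a file can fail either one alone. Running a parser like this under a fuzzer with malformed blobs is the usual way to find the places where such checks were never written.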

Baldur Bjarnason – Follow me on twitter because otherwise you might miss an update, and you don't want that, now do you?

  1. humorzo said: Yes you did!