Hi Everyone, Mark Yason here from IBM X-Force. Last month, we saw the first in-the-wild exploit [1] capable of escaping the Adobe Reader sandbox, a security feature added in Adobe Reader in 2010 to limit the impact of successful exploitation of Reader vulnerabilities. In this post, I’ll describe the sandbox vulnerability that was leveraged by the exploit and the same vulnerability I found in the sandbox feature of the Adobe Flash Player for Firefox.
read more.........https://www-304.ibm.com/connections/blogs/xforce/entry/a_buffer_overflow_and_two_sandbox_escapes?lang=en_us