Examples of de.pdf_scrutinizer.data.MethodVulnerability

de.pdf_scrutinizer.data.MethodVulnerability

    }


    public void newPlayer(Object o) {
        Reflect.getMethodName();
        if (o == null) {
            MethodVulnerability vuln = new MethodVulnerability("CVE-2009-4324", "media.newPlayer", "use-after-free");
            vuln.references.add("http://vrt-blog.snort.org/2009/12/adobe-reader-medianewplayer-analysis.html");
            scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
        }
    }

View Full Code Here

        Reflect.getMethodName();
        //FIXME: are these the only vulnerable strings?
        String[] vuln_strs = {"%45000.45000f", "%45000f"};


        if (Arrays.asList(vuln_strs).contains(cFormat)) {
            MethodVulnerability vuln = new MethodVulnerability("CVE-2008-2992", "Util.printf", "buffer overflow");
            scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
        } else {
            log.debug("util.printf(\"" + cFormat + "\")");
        }
    }

View Full Code Here

    }


    public void printSeps() {
        Reflect.getMethodName();


        MethodVulnerability vuln = new MethodVulnerability("CVE-2010-4091", "printSeps", "memory corruption");
        scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
    }

View Full Code Here

                double param2 = Double.parseDouble(x.get(1, x).toString());
                double param3 = Double.parseDouble(x.get(2, x).toString());
                double param4 = Double.parseDouble(x.get(3, x).toString());


                if (param1 < 0 && param2 < 0 && param3 < 0 && param4 < 0) {
                    MethodVulnerability vuln = new MethodVulnerability("CVE-2009-1492", "getAnnots", "buffer overflow");
                    scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
                }
            }


            page = Double.parseDouble(((NativeObject) o).get("nPage", (NativeObject) o).toString());

View Full Code Here

    }


    public boolean customDictionaryOpen(String cDIPath, String cName, boolean bShow) {
        Reflect.getMethodName();
        if (cName.length() > 1024) {
            MethodVulnerability vuln = new MethodVulnerability("CVE-2009-1493", "spell.customDictionaryOpen", "buffer overflow");
            scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
        }
        return true;
    }

View Full Code Here


    public void collectEmailInfo(NativeObject o) {
        Reflect.getMethodName();
        int msg_length = o.get("msg", o).toString().length();
        if (msg_length > 0x1000) {
            MethodVulnerability vuln = new MethodVulnerability("CVE-2007-5659", "Collab.collectEmailInfo", "buffer overflow");
            scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
        } else {
            //FIXME: debug
            log.debug("length:" + msg_length);
        }

View Full Code Here


    public void getIcon(String str) {
        Reflect.getMethodName();


        if (str.length() > 0x4000 && str.contains("N.")) { //c[0] == 'N' && c[1] == '.') {
            MethodVulnerability vuln = new MethodVulnerability("CVE-2009-0927", "Collab.getIcon", "buffer overflow");
            scrutinizer.getAnalysisResult().vulnerabilityUsed(vuln);
        } else {
            //FIXME: debug
            log.debug("length: " + str.length());
            log.debug("string: " + str);

View Full Code Here

TOP

Related Classes of de.pdf_scrutinizer.data.MethodVulnerability

de.pdf_scrutinizer.API.app.Doc

de.pdf_scrutinizer.API.app.doc.Media

de.pdf_scrutinizer.API.Collab

de.pdf_scrutinizer.API.Spell

de.pdf_scrutinizer.API.Util

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.