all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Smash PostScript Interpreters Using A Syntax-Aware Fuzzer

Add to bookmarks
April 26, 2023, 3:50 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In 2022, Zscaler’s ThreatLabz performed vulnerability hunting for some of the most popular PostScript interpreters using a custom-built syntax-aware fuzzer. The PostScript interpreters that were evaluated include Adobe Acrobat Distiller and Apple’s PSNormalizer. At the time of publication, ThreatLabz has discovered three vulnerabilities (CVE-2022-35665, CVE-2022-35666, CVE-2022-35668) in Adobe Acrobat Distiller and one vulnerability (CVE-2022-32843) in Apple’s PSNormalizer. This blog presents how the syntax-aware fuzzer was developed and analyzes the results.


PostScript Language


PostScript is a stack-based programming language, where values …

acrobat adobe adobe acrobat apple aware blog cve fuzzer hunting language operations popular programming results vulnerabilities vulnerability zscaler

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

FBI warns of email spoofing by North Korean threat actor Kimsuky an hour ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 5 hours ago | malware.news
accounts can consumer cracked +10
Attackers evade detection by leveraging Microsoft Graph API 5 hours ago | malware.news
api article attackers cloud +15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383 6 hours ago | malware.news
article cisco credit credit monitoring +8
Code faster with generative AI, but beware the risks when you do 6 hours ago | malware.news
article can code coding +13
Proposed Bill Focuses on Voluntary AI Security Incident Reporting 7 hours ago | malware.news
ai security bill companies cybersecurity +21
The impact of automating open source dependency management 7 hours ago | malware.news
article business consuming customer +12
Diffusione di malware Keylogger tramite falsa pagina di Agenzia delle Entrate – PuntoFisco 8 hours ago | malware.news
agenzia delle entrate article cert con +5
Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 9 hours ago | malware.news
article cloud collaboration customers +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States
View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia
View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo
View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA
View on infosec-jobs.com
View more jobs