tag:blogger.com,1999:blog-7347279.post1836790560639881528..comments2023-08-26T05:04:33.009-04:00Comments on anti-virus rants: short thought on sandboxingkurt wismerhttp://www.blogger.com/profile/03810635947269551517noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-7347279.post-38270763458760270792010-12-23T10:00:23.382-05:002010-12-23T10:00:23.382-05:00Another issue with the sandbox-zoo is sandbox-hopp...Another issue with the sandbox-zoo is sandbox-hopping.<br /><br />Code running in the IE7/8/9 sandbox can inject code in the Adobe Reader sandbox or Microsoft Office sandbox.<br /><br />If one has an exploit for IE but no IE sandbox bypass, however one has an Adobe Reader sandbox bypass, then one can inject code into Adobe Reader and escape from the Adobe Reader sandbox.Didier Stevenshttp://blog.DidierStevens.comnoreply@blogger.com