This is an (unfortunately) fairly common class of vulnerability. Many applications fall victim to this form of attack because they don't think to check signatures on binaries. There is a tool, EvilGrade (https://code.google.com/p/isr-evilgrade/), designed to assist in demonstrating these types of attacks.
No comments yet.