Originally Posted by yifanlu
- PDF Reader. This seems like a great bet. The entire PDF library is a Java JNI library. /usr/java/lib/libAdobePDFReader.so and /usr/java/lib/libPDFReader.so. They are ~10MB total, so it would be easy to slip up somewhere. In addition, it is Amazon code (not open source). It also reads PDF files, a very complex file structure. There's bound to be a stack/heap/buffer overflow somewhere.
Does the PDF reader use freetype to render embedded type1 fonts in PDF files?
If so, it may be vulnerable to CVE-2011-0226 (see http://esec-lab.sogeti.com/post/Anal...3-font-exploit for an analysis of a recent iPhone jailbreak using this exploit).
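The question above ("does the PDF reader use freetype?") is the standard first step in judging whether a known library CVE applies to a binary at all: list the shared objects it declares as dependencies. The script below is an added example, not code from this thread or from Amazon, that reads the DT_NEEDED entries straight out of an ELF file's .dynamic section (the same information `readelf -d` shows) so the check can be run on a copy of a file such as /usr/java/lib/libPDFReader.so without loading it. It supports 32-bit (the Kindle's ARM) and 64-bit little-endian ELF; the `build_sample_elf` helper constructs a tiny synthetic ELF for offline demonstration and is not a real library. A DT_NEEDED hit only says the library is linked, not that a vulnerable code path is reachable.

```python
"""List the shared libraries an ELF object declares via DT_NEEDED.

Parses the section headers, finds SHT_DYNAMIC, and resolves each DT_NEEDED
entry through the linked string table (.dynstr). Added example; the sample
ELF built by build_sample_elf() is constructed test data, not a real binary.
"""
import struct

SHT_DYNAMIC, SHT_STRTAB = 6, 3
DT_NULL, DT_NEEDED = 0, 1

# (ELF header, section header, dynamic entry) struct formats per ELF class,
# little-endian only.
_LAYOUT = {
    1: ("<16sHHIIIIIHHHHHH", "<IIIIIIIIII", "<iI"),   # ELFCLASS32
    2: ("<16sHHIQQQIHHHHHH", "<IIQQQQIIQQ", "<qQ"),   # ELFCLASS64
}


def needed_libraries(data: bytes) -> list:
    """Return the DT_NEEDED names of an ELF image held in memory."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF object")
    elfclass, byte_order = data[4], data[5]
    if elfclass not in _LAYOUT or byte_order != 1:
        raise ValueError("unsupported ELF class or byte order")
    ehdr_fmt, shdr_fmt, dyn_fmt = _LAYOUT[elfclass]
    hdr = struct.unpack_from(ehdr_fmt, data, 0)
    shoff, shentsize, shnum = hdr[6], hdr[11], hdr[12]   # e_shoff, e_shentsize, e_shnum
    sections = [struct.unpack_from(shdr_fmt, data, shoff + i * shentsize)
                for i in range(shnum)]
    needed = []
    for sh in sections:
        if sh[1] != SHT_DYNAMIC:                        # sh_type
            continue
        strtab = sections[sh[6]]                        # sh_link -> .dynstr header
        str_off, str_size = strtab[4], strtab[5]        # sh_offset, sh_size
        entsize = struct.calcsize(dyn_fmt)
        for off in range(sh[4], sh[4] + sh[5], entsize):
            tag, val = struct.unpack_from(dyn_fmt, data, off)
            if tag == DT_NULL:
                break
            if tag == DT_NEEDED:
                if val >= str_size:
                    raise ValueError("DT_NEEDED offset outside .dynstr")
                end = data.index(b"\0", str_off + val, str_off + str_size)
                needed.append(data[str_off + val:end].decode())
    return needed


def links_freetype(data: bytes) -> bool:
    """True if the object declares any libfreetype.so* as a dependency."""
    return any(name.startswith("libfreetype.so") for name in needed_libraries(data))


def build_sample_elf(needed, elfclass=1) -> bytes:
    """Construct a minimal ELF with only .dynamic and .dynstr (test data, not a real library)."""
    ehdr_fmt, shdr_fmt, dyn_fmt = _LAYOUT[elfclass]
    ehsize, shentsize, dynsize = (struct.calcsize(f) for f in (ehdr_fmt, shdr_fmt, dyn_fmt))
    dynstr, offsets = b"\0", []
    for name in needed:
        offsets.append(len(dynstr))
        dynstr += name.encode() + b"\0"
    dynamic = b"".join(struct.pack(dyn_fmt, DT_NEEDED, o) for o in offsets)
    dynamic += struct.pack(dyn_fmt, DT_NULL, 0)
    dynstr_off = ehsize
    dynamic_off = dynstr_off + len(dynstr)
    shoff = dynamic_off + len(dynamic)
    e_machine = 40 if elfclass == 1 else 62            # EM_ARM / EM_X86_64
    ident = b"\x7fELF" + bytes([elfclass, 1, 1]) + bytes(9)
    # e_type=3 (ET_DYN), no program headers, 3 section headers, no shstrtab.
    ehdr = struct.pack(ehdr_fmt, ident, 3, e_machine, 1, 0, 0, shoff, 0,
                       ehsize, 0, 0, shentsize, 3, 0)
    null_sh = struct.pack(shdr_fmt, *([0] * 10))
    dyn_sh = struct.pack(shdr_fmt, 0, SHT_DYNAMIC, 0, 0, dynamic_off, len(dynamic), 2, 0, 0, dynsize)
    str_sh = struct.pack(shdr_fmt, 0, SHT_STRTAB, 0, 0, dynstr_off, len(dynstr), 0, 0, 0, 0)
    return ehdr + dynstr + dynamic + null_sh + dyn_sh + str_sh


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                               # e.g. a copy of libPDFReader.so
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:                                               # constructed sample
        blob = build_sample_elf(["libfreetype.so.6", "libc.so.6"])
    print("DT_NEEDED:", needed_libraries(blob))
    print("links freetype:", links_freetype(blob))
```

Run it with a file path to inspect a real object, or with no arguments to see it resolve the constructed sample. Since it goes through section headers, a stripped binary whose section table was removed would need the PT_DYNAMIC program header route instead; `readelf -d` handles both.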