Whitepaper called The Apple Sandbox. It discuss the access control system in OS X and iOS operating systems.
13156bf67e2a3f92b42f28d888c866763556f2d45417fb8328b2c5c450538a87
iDefense Security Advisory 10.13.09 - Remote exploitation of an invalid array index vulnerability in Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a U3D file embedded inside of a PDF. U3D is a file format used to represent 3D images. When parsing a U3D file, the parsing code fails to validate a value from the file used as index into a list of objects. This results in an attacker being able to specify an arbitrary value for a function pointer, which leads to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in Reader and Acrobat versions 9.1.3 and 8.1.6. Previous versions may also be affected.
036e3aa6e99462fba57e81b58b99274ca7837766dda18884ae3b383d0ebe33ff