Hmm, I wonder if a PDF file is actually needed for a font exploit. What about the trend of every fucking website now to ship their own fonts?
Also, lots of people simply pirate their fonts from googling around "fontname ttf free download", I wonder how much malware hides in these - given that I somewhere have around 16 or so copies of some exotic Adobe font in various formats, one buggier than the other.
Hiding malware in cracks or pirated content was usual on the warez forums 'round here.
US warez forums always seemed civil, cyberlocker links stayed up for years, malware was not common - German boards like boerse.bz (R.I.P.) and others had to invent "link crypters", websites hiding links to Rapidshare, Mega and other cyberlockers because the users from the boards would abuse-report each others' links. Or they'd invade other boards and post malware-loaded cracks.
Also, lots of people simply pirate their fonts from googling around "fontname ttf free download", I wonder how much malware hides in these - given that I somewhere have around 16 or so copies of some exotic Adobe font in various formats, one buggier than the other.