bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/dos/39799.txt
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

49 lines
No EOL
1.9 KiB
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

########################################################################################
# Title: Adobe Reader DC <= 15.010.20060 - Memory corruption
# Application: Adobe Reader DC
# Version: 15.010.20060 and earlier versions
# Platform: Windows and Macintosh
# Software Link: https://acrobat.adobe.com/ca/fr/acrobat/pdf-reader.html
# Date: May 10, 2016
# CVE: CVE-2016-1077
# Author: Pier-Luc Maltais from COSIG
# Contact: https://twitter.com/COSIG_
# Personal contact: https://twitter.com/plmaltais
########################################################################################
===================
Introduction:
===================
More powerful than other PDF software, Adobe Acrobat Reader DC is the free, trusted
standard for viewing, printing and annotating PDFs. And now, its connected to Adobe
Document Cloud — so its easier than ever to work with PDFs on computers and mobile
devices. (https://acrobat.adobe.com/ca/en/acrobat/pdf-reader.html)
########################################################################################
===================
Report Timeline:
===================
2016-02-04: Pier-Luc Maltais from COSIG found the issue and report it to Adobe PSIRT.
2016-05-10: Vendor fixed the issue (APSB16-14).
2016-03-08: Release of this advisory.
########################################################################################
===================
Technical details:
===================
A memory corruption occurs when Adobe Reader DC handle a specially crafted image
XObject, which could lead to remote code execution.
########################################################################################
==========
POC:
==========
https://plmsecurity.net/sites/plmsecurity.net/files/APSB16-14_PoC.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39799.zip
########################################################################################
Reference in a new issue View git blame Copy permalink