bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/39330.txt
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

66 lines
No EOL
2.3 KiB
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#####################################################################################
Application: Foxit Reader PDF Parsing Memory Corruption
Platforms: Windows
Versions: 7.2.8.1124 and earlier
Author: Francis Provencher of COSIG
Website: http://www.protekresearchlab.com/
Twitter: @COSIG_
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) POC
#####################################################################################
===============
1) Introduction
===============
Foxit Reader is a multilingual freemium PDF tool that can create, view, edit, digitally sign, and print PDF files.[3] Early versions of Foxit Reader were notable for startup performance and small file size.[citation needed] Foxit has been compared favorably toAdobe Reader.[4][5][6] The Windows version allows annotating and saving unfinished PDF forms, FDF import/export, converting to text, highlighting and drawing.
(http://en.wikipedia.org/wiki/Foxit_Reader)
#####################################################################################
============================
2) Report Timeline
============================
2015-12-18: Francis Provencher from Protek Research Labs found the issue;
2016-01-02: Foxit Security Response Team confirmed the issue;
2016-01-21: Foxit fixed the issue;
#####################################################################################
============================
3) Technical details
============================
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader.
User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
A specially crafted PDF can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability
to execute arbitrary code under the context of the current process.
#####################################################################################
===========
4) POC
===========
http://protekresearchlab.com/exploits/COSIG-2016-02.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39330.zip
###############################################################################
Reference in a new issue View git blame Copy permalink