40 lines
No EOL
1.5 KiB
Text
40 lines
No EOL
1.5 KiB
Text
Title : Adobe Reader 11.0.0 Stack overflow
|
|
Version : 11.0.0.379
|
|
Date : 2012-11-01
|
|
Vendor : http://www.adobe.com/
|
|
Impact : Med
|
|
Contact : coolkaveh [at] rocketmail.com
|
|
Twitter : @coolkaveh
|
|
tested : Windows 7 X64 ENG
|
|
Author : coolkaveh
|
|
###########################################################################################################
|
|
Bug :
|
|
----
|
|
Don't forget that exploitable bugs will be published after being patched
|
|
----
|
|
Stack Exhaustion vulnerability during the handling of the pdf files.
|
|
That will trigger a denial of service condition
|
|
----
|
|
############################################################################################################
|
|
ADOBE_READLOGGER_CMD:PAUSE_LOG
|
|
ModLoad: 71770000 71799000 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
|
|
(23ac.1cc8): Stack overflow - code c00000fd (first chance)
|
|
First chance exceptions are reported before any exception handling.
|
|
This exception may be expected and handled.
|
|
eax=00acefa8
|
|
ebx=004431a8
|
|
ecx=0000001c
|
|
edx=00000be7
|
|
esi=00443094
|
|
edi=00443130
|
|
eip=772a22a8
|
|
esp=00443000
|
|
ebp=0044300c iopl=0 nv up ei pl nz na pe nc
|
|
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206
|
|
ntdll!RtlEnterCriticalSection+0x8:
|
|
772a22a8 56 push esi
|
|
###########################################################################################################
|
|
Proof of concept included.
|
|
|
|
http://www42.zippyshare.com/v/23669551/file.html
|
|
Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22464.pdf |