Adobe Reader 11.0.0 – Stack Overflow Crash (PoC)

• Exploit Database
• 104 阅读

• 作者： coolkaveh
  日期： 2012-11-04
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/22464/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41

  Title:Adobe Reader 11.0.0 Stack overflow Version:11.0.0.379 Date :2012-11-01 Vendor :http://www.adobe.com/ Impact :Med Contact:coolkaveh [at] rocketmail.com Twitter:@coolkaveh tested :Windows 7 X64 ENG Author :coolkaveh ########################################################################################################### Bug : ---- Don't forget that exploitable bugs will be published after being patched ---- Stack Exhaustion vulnerability during the handling of the pdf files. That will trigger a denial of service condition ---- ############################################################################################################ ADOBE_READLOGGER_CMD:PAUSE_LOG ModLoad: 71770000 71799000 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll (23ac.1cc8): Stack overflow - code c00000fd (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00acefa8 ebx=004431a8 ecx=0000001c edx=00000be7 esi=00443094 edi=00443130 eip=772a22a8 esp=00443000 ebp=0044300c iopl=0 nv up ei pl nz na pe nc cs=0023ss=002bds=002bes=002bfs=0053gs=002b efl=00010206 ntdll!RtlEnterCriticalSection+0x8: 772a22a8 56pushesi ########################################################################################################### Proof of concept included.   http://www42.zippyshare.com/v/23669551/file.html Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22464.pdf