Adobe Reader 11.0.0 – Stack Overflow Crash (PoC)

• Exploit Database
• 18 阅读

• 作者： coolkaveh
  日期： 2012-11-04
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/22464/

• Title:Adobe Reader 11.0.0 Stack overflow 
  Version:11.0.0.379
  Date :2012-11-01
  Vendor :http://www.adobe.com/
  Impact :Med
  Contact:coolkaveh [at] rocketmail.com
  Twitter:@coolkaveh
  tested :Windows 7 X64 ENG
  Author :coolkaveh
  ###########################################################################################################
  Bug :
  ----
  Don't forget that exploitable bugs will be published after being patched
  ----
  Stack Exhaustion vulnerability during the handling of the pdf files.
  That will trigger a denial of service condition
  ---- 
  ############################################################################################################
  ADOBE_READLOGGER_CMD:PAUSE_LOG
  ModLoad: 71770000 71799000 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
  (23ac.1cc8): Stack overflow - code c00000fd (first chance)
  First chance exceptions are reported before any exception handling.
  This exception may be expected and handled.
  eax=00acefa8 
  ebx=004431a8 
  ecx=0000001c 
  edx=00000be7 
  esi=00443094 
  edi=00443130
  eip=772a22a8 
  esp=00443000 
  ebp=0044300c iopl=0 nv up ei pl nz na pe nc
  cs=0023ss=002bds=002bes=002bfs=0053gs=002b efl=00010206
  ntdll!RtlEnterCriticalSection+0x8:
  772a22a8 56pushesi
  ###########################################################################################################
  Proof of concept included. 
  
  http://www42.zippyshare.com/v/23669551/file.html
  Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22464.pdf