Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion

• Exploit Database
• 11 阅读

• 作者： Snake
  日期： 2011-07-03
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/17473/

• # Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit
  # Date: 7/3/2011
  # Author: Snake ( Shahriyar.j < at > gmail )
  # Version: Adobe Reader X < 10.1
  # Tested on: 10.0.0 - 10.0.1 - Windows 7 - IE/FF/Opera
  # CVE : CVE-2011-0611
  #
  #This is the exploit I wrote for Abysssec "The Arashi" article.
  #It gracefully bypass DEP/ASLR ( not the sandbox ) in Adobe Reader X,
  #and we named this method "Tatsumaki DEP/ASRL Bypass" : >
  #It work reliably on IE9/FF4 and other browsers.
  #
  # The Arashi : http://abysssec.com/files/The_Arashi.pdf
   http://www.exploit-db.com/docs/17469.pdf
  # me : twitter.com/ponez
  # also check here for The Persian docs of this methods and more :
  http://www.0days.ir/article/
  
  Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/17473.pdf (cve-2011-0611_exploit.pdf)