[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Adobe Acrobat Reader 8.1.2 ¨C 9.0 getIcon() Memory Corruption Exploit
# Published : 2009-05-04
# Author : Abysssec
# Previous Title : Sorinara Streaming Audio Player 0.9 (.m3u) Local Stack Overflow Exploit
# Next Title : Mercury Audio Player 1.21 (.m3u) Local Stack Overflow Exploit
Affected Version : Acrobat Reader 8.1.2 - 9.0
Vendor Patch : http://www.adobe.com/support/security/bulletins/apsb09-04.html
Tested On : XP SP2 / SP3
from ZDI : http://www.zerodayinitiative.com/advisories/ZDI-09-014/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations
of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a
malicious web site or open a malicious file.The specific flaw exists when processing malicious
JavaScript contained in a PDF document. When supplying a specially crafted argument to the getIcon()
method of a Collab object, proper bounds checking is not performed resulting in a stack overflow.
If successfully exploited full control of the affected machine running under the credentials of the
currently logged in user can be achieved.
This vulnerability was discovered by:
Tenable Network Security (there is a man named Nicolas Pouvesle and we know == > he has lots of exploitation method ; ))
Exploit By : www.Abysssec.com
note : this exploit is just for educational purpose so shellcode will execute calc if you want other shellcode change shellcode .
Exploit Link : http://abysssec.com/Adobe.Collab.getIcon().pdf
Mirror Link : http://exploit-db.com/sploits/2009-Adobe.Collab.getIcon.pdf
# www.Syue.com [2009-05-04]