标签 ‘Adobe Acrobat Reader’ 下的日志

Adobe Acrobat Reader JBIG2 Local Buffer Overflow PoC #2 0day

#!/usr/bin/perl
# k`sOSe 02/22/2009

# http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-love.html

my $size = “\x40\x00”;
my $factor = “ABCD”;
my $data = “A” x 8314;
阅读全文 »

Tags: , , ,

[Advisory Update]Adobe Reader/Acrobat Remote Vul

[UPDATE]Adobe Reader/Acrobat Remote PDF Print Silently Vulnerability

by cocoruder([email protected])
http://ruder.cdut.net, updated on 2008.05.06

Summary:

A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user’s permission.

Affected Software Versions:

Adobe Reader 8.1.1 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.1 and earlier versions

Details:

This vulnerablity due to the design error of the javascript fucntion “DOC.print()”, following are the annotates of the function in Adobe’s Javascript API Reference(named “js_api_reference.pdf”):

阅读全文 »

Tags: , , , ,

Zero day PDF exploit for Adobe Acrobat

来源:Ph4nt0m Google Group

Link to exploit:

Please download and open it locally in Adobe Acrobat (not in Adobe Acrobat
ActiveX control):

http://security.fedora-hosting.com/0day/pdf/pdf_poc.pdf

Description:

0-day proof of concept (PoC) exploit for Adobe Acrobat.

Software affected:

+ Adobe Reader 8.1 (and earlier)
+ Adobe Acrobat Standard, 阅读全文 »

Tags: ,