Adobe Reader 11.0.0 - Stack Overflow Crash PoC

2012-11-04T00:00:00
ID EDB-ID:22464
Type exploitdb
Reporter coolkaveh
Modified 2012-11-04T00:00:00

Description

Adobe Reader 11.0.0 - Stack Overflow Crash PoC. Dos exploit for windows platform

                                        
                                            Title    :  Adobe Reader 11.0.0 Stack overflow 
Version  :  11.0.0.379
Date     :  2012-11-01
Vendor   :  http://www.adobe.com/
Impact   :  Med
Contact  :  coolkaveh [at] rocketmail.com
Twitter  :  @coolkaveh
tested   :  Windows 7 X64 ENG
Author   :  coolkaveh
###########################################################################################################
Bug :
----
Don't forget that exploitable bugs will be published after being patched
----
Stack Exhaustion vulnerability during the handling of the pdf files.
That will trigger a denial of service condition
---- 
############################################################################################################
ADOBE_READLOGGER_CMD:PAUSE_LOG
ModLoad: 71770000 71799000   C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
(23ac.1cc8): Stack overflow - code c00000fd (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00acefa8 
ebx=004431a8 
ecx=0000001c 
edx=00000be7 
esi=00443094 
edi=00443130
eip=772a22a8 
esp=00443000 
ebp=0044300c iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
ntdll!RtlEnterCriticalSection+0x8:
772a22a8 56              push    esi
###########################################################################################################
Proof of concept included. 

http://www42.zippyshare.com/v/23669551/file.html
Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/22464.pdf