Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Adobe Reader 11.0.0 - Stack Overflow Crash (PoC)

🗓️ 04 Nov 2012 00:00:00Reported by coolkavehType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 24 Views

Adobe Reader Stack Overflow Crash (PoC) - Handling of PDF File

Code
Title    :  Adobe Reader 11.0.0 Stack overflow 
Version  :  11.0.0.379
Date     :  2012-11-01
Vendor   :  http://www.adobe.com/
Impact   :  Med
Contact  :  coolkaveh [at] rocketmail.com
Twitter  :  @coolkaveh
tested   :  Windows 7 X64 ENG
Author   :  coolkaveh
###########################################################################################################
Bug :
----
Don't forget that exploitable bugs will be published after being patched
----
Stack Exhaustion vulnerability during the handling of the pdf files.
That will trigger a denial of service condition
---- 
############################################################################################################
ADOBE_READLOGGER_CMD:PAUSE_LOG
ModLoad: 71770000 71799000   C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
(23ac.1cc8): Stack overflow - code c00000fd (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00acefa8 
ebx=004431a8 
ecx=0000001c 
edx=00000be7 
esi=00443094 
edi=00443130
eip=772a22a8 
esp=00443000 
ebp=0044300c iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
ntdll!RtlEnterCriticalSection+0x8:
772a22a8 56              push    esi
###########################################################################################################
Proof of concept included. 

http://www42.zippyshare.com/v/23669551/file.html
Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22464.pdf

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Nov 2012 00:00Current
7.4High risk
Vulners AI Score7.4
adobe reader 11stack overflowdenial of servicepdf filesvulnerabilitywindows 7 x64exploit-databse mirror
24