Adobe Reader authplay.dll newfunction Memory Corruption

2010-06-17T00:00:00
ID SAINT:4087FA9BA2E83B1761565A4E280BC32F
Type saint
Reporter SAINT Corporation
Modified 2010-06-17T00:00:00

Description

Added: 06/17/2010
CVE: CVE-2010-1297
BID: 40586
OSVDB: 65141

Background

Adobe Reader is free software for viewing PDF documents.

Problem

A memory corruption vulnerability in **authplay.dll** provided with Adobe Reader 9.3.2 and earlier 9.x versions allows command execution when a user opens a specially crafted PDF file that contains Shockwave Flash (SWF) content that calls the **newfunction()** function with invalid parameters.

Resolution

Apply the patches referenced in APSA10-01 when they become available. In the interim, follow the relevant directions for mitigating the vulnerability in Adobe Reader.

References

<http://secunia.com/advisories/40034>

Limitations

Exploit works on Adobe Reader 9.3.0.

The user must open the exploit file in Adobe Reader.

Platforms

Windows