6681 matches found
Adobe Reader media.newPlayer Use-After-Free Code Execution
Added: 12/23/2009 CVE: CVE-2009-4324 BID: 37331 OSVDB: 60980 Background Adobe Reader is free software for viewing PDF documents. Problem This issue is caused by a use-after-free error within the "Doc.Media.newPlayer" JavaScript function, which could be exploited by attackers to execute arbitrary...
Adobe Reader and Acrobat (CVE-2009-4324) Exploit
No description provided by source. Author : Ahmed Obied [email protected] This program generates a PDF file that exploits a vulnerability CVE-2009-4324 in Adobe Reader and Acrobat. The generated PDF file was tested using Adobe Reader 9.2.0 on Windows XP SP3. The exploit's payload spawns the...
Adobe Reader和Acrobat newplayer() JavaScript方式内存破坏漏洞
BUGTRAQ ID: 37331 CVE ID: CVE-2009-4324 Adobe Acrobat和Reader都是非常流行的PDF文件阅读器。 Adobe Reader和Acrobat阅读器支持JavaScript。Doc.media对象的newplayer方式存在释放后使用漏洞,可能触发可利用的内存访问破坏。远程攻击者可以通过使用ZLib压缩流的特制PDF文件来利用这个漏洞,导致执行任意代码。 Adobe Acrobat = 9.2 Adobe Reader = 9.2 临时解决方法: 禁用JavaScript。 禁止使用Doc.media.newPlayer方式。 厂商补丁...
Adobe Reader / Acrobat - '.PDF' File Overflow
Author : Ahmed Obied [email protected] This program generates a PDF file that exploits a vulnerability CVE-2009-4324 in Adobe Reader and Acrobat. The generated PDF file was tested using Adobe Reader 9.2.0 on Windows XP SP3. The exploit's payload spawns the calculator. Usage : python...
Adobe Reader media.newPlayer Use-After-Free Code Execution
Added: 12/23/2009 CVE: CVE-2009-4324 BID: 37331 OSVDB: 60980 Background Adobe Reader is free software for viewing PDF documents. Problem This issue is caused by a use-after-free error within the "Doc.Media.newPlayer" JavaScript function, which could be exploited by attackers to execute arbitrary...
Adobe Reader Multimeda Doc.media.newPlayer RCE Vulnerability - Linux
Adobe Reader is prone to a remote code execution RCE vulnerability in Doc.media.newPlayer. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability - Windows
Adobe Reader/Acrobat is prone to Doc.media.newPlayer Remote Code Execution vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Adobe Reader/Acrobat 'newplayer()' JavaScript方法远程代码执行漏洞
Bugraq ID: 37331 CVE ID:CVE-2009-4324 Adobe Reader/Acrobat是一款流行的处理PDF文件的应用程序。 Adobe Reader/Acrobat中的Doc.media.newPlayer方法包含释放后使用漏洞,允许远程未验证用户在目标用户系统上执行任意代码。 Adobe Reader/Acrobat支持JavaScript,Doc.media对象中的newplayer方法包含一个释放后使用漏洞,可导致一个可利用的内存访问冲突。此漏洞已经在网络上积极利用。...
Adobe FlateDecode Stream Predictor 02 Integer Overflow
This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'Adobe...
Design/Logic Flaw
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...
CVE-2009-4324
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...
CVE-2009-4324
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...
CVE-2009-4324
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...
Adobe JBIG2Decode Memory Corruption Exploit
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'zlib' class Metasploit3...
Adobe util.printf() Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'zlib' class Metasploit3...
Adobe PDF Embedded EXE Social Engineering
require 'msf/core' class Metasploit3 'Adobe PDF Embedded EXE Social Engineering', 'Description' = %q This module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack. , 'License' = MSFLICENSE, 'Author' = 'Colin Ame...
Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
This module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include 'Adobe U3D CLODProgressiveMeshDeclaration Array Overrun', 'Description' = %q This module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include MSFLICENSE, 'Author'...
Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
This module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include 'Adobe U3D CLODProgressiveMeshDeclaration Array Overrun', 'Description' = %q This module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include MSFLICENSE, 'Author'...
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
Added: 11/20/2009 CVE: CVE-2009-2997 BID: 36638 OSVDB: 58926 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...
Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
Added: 11/20/2009 CVE: CVE-2009-2997 BID: 36638 OSVDB: 58926 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...