Cool PDF Reader 3.0.2.256 - Buffer Overflow

Cool PDF Reader 3.0.2.256 - Buffer Overflow Exploit Title: Cool PDF Reader 3.0.2.256 buffer overflow Vulnerability Disclosed to US-CERT by Chris Gabriel: 11-20-2012 Emailed vendor: 12-4-2012 Francis Provencher discovered vulnerability and reported to Secunia: 12-19-2012 Vulnerability Discovery:...

Foxit Patches Vulnerability, Updates Reader Product

Foxit fixed a vulnerability in its PDF reader product yesterday, eight days after it was discovered that an attacker could have leveraged to insert malicious code into documents. Version 5.4.5 of Reader addresses a boundary error in the program’s Web browser plugin, “npFoxitReaderPlugin.dl.” If...

SumatraPDF < 2.1 Multiple Vulnerabilities

The version of SumatraPDF installed on the remote Windows host is earlier than 2.1. As such, it is potentially affected by multiple memory corruption vulnerabilities. By tricking a user into opening a specially crafted PDF file, a remote, unauthenticated attacker could execute arbitrary code on t...

CVE-2010-5209

Multiple untrusted search path vulnerabilities in Nuance PDF Reader 6.0 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll or 2 exceptiondumpdll.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are...

Design/Logic Flaw

Multiple untrusted search path vulnerabilities in Nuance PDF Reader 6.0 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll or 2 exceptiondumpdll.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are...

CVE-2010-5209

CVE-2010-5209 describes multiple untrusted search path vulnerabilities in Nuance PDF Reader 6.0 that allow local users to gain privileges via a Trojan horse when a malicious DLL is placed in the current working directory (either dwmapi.dll or exceptiondumpdll.dll ) and a PDF is present in that di...

CVE-2010-5209

Multiple untrusted search path vulnerabilities in Nuance PDF Reader 6.0 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll or 2 exceptiondumpdll.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are...

Slim PDF Reader 1.0 Memory Corruption

Exploit Title: Date: June 24 2012 Exploit Author: Carlos Mario Penagos Hollmann Vendor Homepage: www.investintech.com Version:1.0 Tested on: Windows 7 CVE : cve-2011-4220 payload ="A"10000 crash="startxref" pdf=payload+crash filename = "slimpdPoC.pdf" file = openfilename,"w" file.writelinespdf...

Adobe Reader: Multiple vulnerabilities

Background Adobe Reader is a closed-source PDF reader. Description Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader,...

Foxit PDF Reader 4.2 Javascript File Write

No description provided by source. $Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Foxit PDF Reader 4.2 Javascript File Write

Exploit for windows platform in category local exploits $Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...

Foxit PDF Reader 4.2 Javascript File Write

This module exploits an unsafe Javascript API implemented in Foxit PDF Reader version 4.2. The createDataObject Javascript API function allows for writing arbitrary files to the file system. This issue was fixed in version 4.3.1.0218. Note: This exploit uses the All Users directory currently, whi...

Foxit PDF Reader 4.2 Javascript File Write

$Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Foxit PDF Reader 4.2 - JavaScript File Write (Metasploit)

$Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Nitro PDF Reader 1.4.0 - Heap Memory Corruption (PoC)

Nitro PDF Reader 1.4.0 - Heap Memory Corruption PoC Nitro PDF Reader 1.4.0 Remote Heap Memory Corruption / DoS PoC Vendor: Nitro PDF, Inc., Nitro PDF Pty Ltd. Product web page: http://www.nitroreader.com Affected version: 1.4.0.11 Summary: Nitro PDF Reader, free, fast, powerfull and secure. Creat...

Nitro PDF Reader 1.4.0 - Heap Memory Corruption (PoC)

Nitro PDF Reader 1.4.0 Remote Heap Memory Corruption / DoS PoC Vendor: Nitro PDF, Inc., Nitro PDF Pty Ltd. Product web page: http://www.nitroreader.com Affected version: 1.4.0.11 Summary: Nitro PDF Reader, free, fast, powerfull and secure. Create PDF files, comment and review, save PDF forms,...

eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption

Exploit for windows platform in category dos / poc !/usr/local/bin/perl eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption Denial Of Service Vendor: Visagesoft Product web page: http://www.visagesoft.com Affected version: 4.0.210 Summary: eXPert PDF Reader is a free pdf viewer...

Nitro PDF Reader 1.4.0 Remote Heap Memory Corruption / DoS PoC

Summary Nitro PDF Reader, free, fast, powerfull and secure. Create PDF files, comment and review, save PDF forms, extract text and images, type text directly onto the page, and more. Description The program suffers from a heap corruption vulnerability which can be exploited by malicious people to...

eXPert PDF Reader 4.0 - Null Pointer Dereference and Heap Corruption

!/usr/local/bin/perl eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption Denial Of Service Vendor: Visagesoft Product web page: http://www.visagesoft.com Affected version: 4.0.210 Summary: eXPert PDF Reader is a free pdf viewer software that lets you view and print pdf documents on...

eXPert PDF Reader 4.0 NULL Pointer Dereference / Heap Corruption

!/usr/local/bin/perl eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption Denial Of Service Vendor: Visagesoft Product web page: http://www.visagesoft.com Affected version: 4.0.210 Summary: eXPert PDF Reader is a free pdf viewer software that lets you view and print pdf documents on...