Exploit for Use After Free in Adobe Acrobat_Dc

CVE-2020-9715 EDR Validation PoC Use-after-free in Adobe Acro...

📄 PDF Object Injection Generator

PDF object injection is a vulnerability in applications that dynamically generate PDFs from user input without proper validation or escaping. This proof of concept generates a malicious pdf for testing software such as jsPDF...

VulnCheck KEV: CVE-2009-1492

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code...

acroread: multiple vulnerabilities in Adobe Reader 8.1.4

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code...

Authentication flaw

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code...

Adobe Reader 'getAnnots()' Javascript函数远程代码执行漏洞

BUGTRAQ ID: 34736 Adobe Reader是一款PDF文件解析程序。 Adobe Reader处理Javascript存在问题，远程攻击者可以利用漏洞以运行用户权限执行任意代码。 构建包含超长名的注解，在使用'getAnnots' Javascript函数解析时可触发缓冲区溢出，导致以运行Adobe Reader应用程序的安全上下文执行任意代码。 Adobe Acrobat Reader 8.1.4 Adobe Acrobat Reader 9.1 目前没有解决方案提供： http://www.adobe.com/ // //Exploit made by Arr1va...