Adobe Acrobat Reader 8.1.2 – 9.0 getIcon() Memory Corruption Exploit

====================================================================
Adobe Acrobat Reader 8.1.2 – 9.0 getIcon() Memory Corruption Exploit
====================================================================



Affected Version   : Acrobat Reader 8.1.2 - 9.0
Tested   On        : XP SP2 / SP3

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations
of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a
malicious web site or open a malicious file.The specific flaw exists when processing malicious
JavaScript contained in a PDF document. When supplying a specially crafted argument to the getIcon()
method of a Collab object, proper bounds checking is not performed resulting in a stack overflow.
If successfully exploited full control of the affected machine running under the credentials of the
currently logged in user can be achieved.

This vulnerability was discovered by:

Tenable Network Security (here is a man named Nicolas Pouvesle and we know == > he have lots of exploitation method ;)  )


note : this exploit is just for purpose so shellcode will execute calc if you want other shellcode change shellcode .

back: http://inj3ct0r.com/sploits/733.rar



#  0day.today [2018-04-12]  #