header-logo
Suggest Exploit
vendor:
Adobe Reader
by:
Exploit-DB
9,3
CVSS
HIGH
Adobe 0day
20
CWE
Product Name: Adobe Reader
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2010-1297
CPE: a:adobe:reader
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0503/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0464/https://www.rapid7.com/db/vulnerabilities/adobe-air-cve-2010-1297/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-1297/https://www.rapid7.com/db/vulnerabilities/apple-osx-flashplayerplugin-cve-2010-1297/https://www.rapid7.com/db/vulnerabilities/hpsim-cve-2010-1297/https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-1297/https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb10-15-CVE-2010-1297/https://www.rapid7.com/db/vulnerabilities/adobe-unspec-bof-cve-2010-1297/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2010

Exploit-DB Note – Live POC

This exploit is a malicious file taken from the wild. It can be decrypted using the openssl aes-256-cbc command with the password 'edb'. By visiting the link provided, the user agrees to be responsible for any damages that occur.

Mitigation:

Ensure that all Adobe software is up to date and patched with the latest security updates.
Source

Exploit-DB raw data:

# Exploit-DB Note - Live POC originally found at http://qoop.org/security/poc/cve-2010-1297/

# File is malicious! Taken from the wild! Beware!
# To decrypt the file:
# openssl aes-256-cbc -d -a -in adobe-0day-2010-1297.tar.enc -out adobe-0day-2010-1297.tar
# Password is "edb" without the quotes.

NOTE: This was taken out of live malware and was not modified. BEWARE.

By visiting the following link, you agree that you are responsible for any damages that occur.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13787.tar.enc (adobe-0day-2010-1297.tar.enc)

Navigation

Suggest Exploit

Services By CQR