header-logo
Suggest Exploit
vendor:
Acrobat Reader
by:
Ivan Rodriguez Almuina (kralor)
9,3
CVSS
HIGH
Universal Exploiter
20
CWE
Product Name: Acrobat Reader
Affected Version From: Adobe Reader 9.0.0
Affected Version To: Adobe Reader 8.1.2
Patch Exists: YES
Related CWE: CVE-2009-0927
CPE: a:adobe:acrobat_reader:9.0.0
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 English/French, Windows 2003 SP2 English
2009

Acrobat Reader – Collab getIcon universal exploiter

This exploit is a python script which can be used to exploit Adobe Reader versions 9.0.0 and 8.1.2 on Windows XP SP3 English/French and Windows 2003 SP2 English. It can be used to exploit standalone PDFs, embedded PDFs in Firefox 3.0.13 and Internet Explorer 7.

Mitigation:

Adobe released a patch for this vulnerability in 2009.
Source

Exploit-DB raw data:

#!/usr/bin/env python
#
# *** Acrobat Reader - Collab getIcon universal exploiter ***
# evil_pdf.py, tested on Operating Systems:
# Windows XP SP3 English/French
# Windows 2003 SP2 English
# with Application versions:
# Adobe Reader 9.0.0/8.1.2 English/French
# Test methods:
# Standalone PDF, embedded PDF in Firefox 3.0.13 and Internet Explorer 7
# 24/06/2009 - Created by Ivan Rodriguez Almuina (kralor). All rights reserved.
# [Coromputer] raised from the ashes.
#

http://www.coromputer.net/CVE-2009-0927_package.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/9579.zip (2009-CVE-2009-0927_package.zip)

# milw0rm.com [2009-09-03]