Vendor: Acrobat Reader
By: Tenable Network Security
CVSS: 9.3 HIGH
Stack Overflow
CWE: 119
Product Name: Acrobat Reader
Affected Version From: Acrobat Reader 8.1.2
Affected Version To: Acrobat Reader 9.0
Patch Exists: YES
Related CWE: N/A
CPE: a:adobe:acrobat_reader:8.1.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2/SP3
2009
Adobe Acrobat and Adobe Reader Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a malicious web site or open a malicious file. The specific flaw exists when processing malicious JavaScript contained in a PDF document. When a specially crafted argument is supplied to the getIcon() method of a Collab object, proper bounds checking is not performed, resulting in a stack overflow. If successfully exploited, full control of the affected machine, running under the credentials of the currently logged-in user, can be achieved.
Mitigation:
Users should update to the latest version of Adobe Acrobat and Adobe Reader.