Vendor: Document Reader Applications for iPhone
By: Anonymous
CVSS: 9.3 (HIGH)
CWE: 119 (Buffer Overflow)
Product Name: Document Reader Applications for iPhone
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: iPhone
2020

dumb fuzzer

A fuzzer was written and used to test roughly 1000 cases on several Document Reader Applications for iPhone. The fuzzer was used to mutate the data from a sample found on the internet (http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls). The exploit is available at https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13825.xls (goodreader_poc.xls)

Mitigation:

Ensure that all applications are up to date and patched with the latest security updates.

Exploit-DB raw data:

I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/13825.xls (goodreader_poc.xls)