header-logo
Suggest Exploit
vendor:
Adobe Reader
by:
ExtraExploit
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Adobe Reader
Affected Version From: 9.4.1
Affected Version To: 9.4.1
Patch Exists: YES
Related CWE: CVE-2010-2883
CPE: a:adobe:reader:9.4.1
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0743/https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb10-21-CVE-2010-2883/https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-2883/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-2883/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2010

XPLPDF Adobe Reader 9.4.1 – ‘util.printf()’ Buffer Overflow (SEH)

XPLPDF is a proof-of-concept exploit for Adobe Reader 9.4.1. It exploits a buffer overflow vulnerability in the 'util.printf()' JavaScript function when processing a specially crafted PDF file. The vulnerability is triggered when a user opens a malicious PDF file with Adobe Reader 9.4.1. The exploit uses a SEH overwrite technique to gain code execution.

Mitigation:

Adobe Reader 9.4.2 and later versions are not affected by this vulnerability. Users should upgrade to the latest version of Adobe Reader.
Source

Exploit-DB raw data:

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15419.bin (xpl_pdf.bin)

http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html

Navigation

Suggest Exploit

Services By CQR