Metasploit modules that can be used to exploit Adobe » Acrobat Reader » 10.1.5
-
Adobe Reader ToolButton Use After Free
Disclosure Date: 2013-08-08First seen: 2020-04-26exploit/windows/browser/adobe_toolbuttonThis module exploits an use after free condition on Adobe Reader versions 11.0.2, 10.1.6 and 9.5.4 and prior. The vulnerability exists while handling the ToolButton object, where the cEnable callback can be used to early free the object memory. Later use of the object allows triggering the use after free condition. This module has been tested successfully on Adobe Reader 11.0.2 and 10.0.4, with IE and Windows XP SP3, as exploited in the wild in November, 2013. At the moment, this module doesn't support Adobe Reader 9 targets; in order to exploit Adobe Reader 9 the fileformat version of the exploit can be used. Authors: - Soroush Dalili - Unknown - sinn3r <sinn3r@metasploit.com> - juan vazquez <juan.vazquez@metasploit.com> -
Adobe Reader ToolButton Use After Free
Disclosure Date: 2013-08-08First seen: 2020-04-26exploit/windows/fileformat/adobe_toolbuttonThis module exploits a use after free condition on Adobe Reader versions 11.0.2, 10.1.6 and 9.5.4 and prior. The vulnerability exists while handling the ToolButton object, where the cEnable callback can be used to early free the object memory. Later use of the object allows triggering the use after free condition. This module has been tested successfully on Adobe Reader 11.0.2, 10.0.4 and 9.5.0 on Windows XP SP3, as exploited in the wild in November, 2013. Authors: - Soroush Dalili - Unknown - sinn3r <sinn3r@metasploit.com> - juan vazquez <juan.vazquez@metasploit.com> -
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
Disclosure Date: 2013-05-14First seen: 2020-04-26exploit/windows/local/adobe_sandbox_adobecollabsyncThis module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This module has been tested successfully on Adobe Reader X 10.1.4 over Windows 7 SP1. Authors: - Felipe Andres Manzano - juan vazquez <juan.vazquez@metasploit.com>
3 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details