Jump to content
  • Entries

    16114
  • Comments

    7952
  • Views

    863572683

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

########################################################################################
  
# Title: Adobe Reader DC <= 15.010.20060 - Memory corruption
# Application: Adobe Reader DC
# Version: 15.010.20060 and earlier versions
# Platform: Windows and Macintosh
# Software Link: https://acrobat.adobe.com/ca/fr/acrobat/pdf-reader.html
# Date: May 10, 2016
# CVE: CVE-2016-1077
# Author: Pier-Luc Maltais from COSIG
# Contact: https://twitter.com/COSIG_
# Personal contact: https://twitter.com/plmaltais
  
########################################################################################
  
===================
Introduction:
===================
 More powerful than other PDF software, Adobe Acrobat Reader DC is the free, trusted 
 standard for viewing, printing and annotating PDFs. And now, it’s connected to Adobe 
 Document Cloud — so it’s easier than ever to work with PDFs on computers and mobile 
 devices. (https://acrobat.adobe.com/ca/en/acrobat/pdf-reader.html)
 
########################################################################################
  
===================
Report Timeline:
===================
 2016-02-04: Pier-Luc Maltais from COSIG found the issue and report it to Adobe PSIRT.
 2016-05-10: Vendor fixed the issue (APSB16-14).
 2016-03-08: Release of this advisory.
 
########################################################################################
  
===================
Technical details:
===================
 A memory corruption occurs when Adobe Reader DC handle a specially crafted image 
 XObject, which could lead to remote code execution.
  
########################################################################################
  
==========
POC:
==========
https://plmsecurity.net/sites/plmsecurity.net/files/APSB16-14_PoC.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39799.zip
  
########################################################################################