POC details: 14dbdbb3d4a08dd999f52169babb3cc05a46e476

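Source
Related vulnerability
Title: Adobe Reader and Acrobat numeric error vulnerability (CVE-2013-2729)
Description: Adobe Reader and Acrobat are both products of the US company Adobe. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. An integer overflow vulnerability exists in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. An attacker can exploit this vulnerability to execute arbitrary code.
Introduction
# Adobe Reader BMP/RLE heap corruption - CVE-2013-2729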

Adobe Reader X is a powerful software solution developed by Adobe Systems to view, create, manipulate, print and manage files in Portable Document Format (PDF). Since version 10 it includes Protected Mode, a sandbox technology similar to the one in Google Chrome, which improves the overall security of the product.

- Title:               Adobe Reader BMP/RLE heap corruption
- CVE Name:            CVE-2013-2729
- Permalink:           http://blog.binamuse.com/2013/05/readerbmprle.html
- Date published:      2013-05-14
- Date of last update: 2013-05-14
- Class:               Client side Integer Overflow


Adobe Reader X fails to validate its input when parsing an embedded BMP RLE-encoded image. Arbitrary code execution in the context of the sandboxed process has been proven possible after a malicious BMP image triggers a heap overflow. Quick links: [White paper](http://www.binamuse.com/papers/XFABMPReport.pdf), [Exploit generator in python](https://github.com/feliam/CVE-2013-2729/blob/master/XFABMPExploit.py) and [PoC.pdf](https://github.com/feliam/CVE-2013-2729/blob/master/E10.1.4.pdf?raw=true) for Reader 10.1.4.

Antivirus test ~1 year later (03/2014):
* Avast: https://www.youtube.com/watch?v=S3X_zsy4k28
* Bitdefender: https://www.youtube.com/watch?v=XF25bzzwZk0

File snapshot

[4.0K] /data/pocs/14dbdbb3d4a08dd999f52169babb3cc05a46e476
├── [395K] E10.1.4.pdf
├── [4.0K] minipdf
│   ├── [ 15K] filters.py
│   ├── [ 65] __init__.py
│   ├── [ 25K] lzw.py
│   ├── [7.7K] minipdfo.py
│   └── [5.7K] minipdf.py
├── [1.3K] README.md
└── [ 28K] XFABMPExploit.py

1 directory, 8 files