关联漏洞
标题:
Foxit Reader和PhantomPDF 数据伪造问题漏洞
(CVE-2020-11493)
描述:Adobe Reader是美国等都是美国奥多比(Adobe)公司的产品。Reader是一套PDF文档阅读软件。Foxit Reader等都是中国福昕(Foxit)公司的产品。Foxit Reader是一款PDF文档阅读器。mPDF等都是的产品。mPDF是一款使用PHP编写的用于将HTML转换成PDF文件的库。 Foxit Reader和PhantomPDF 10.0.1之前版本以及9.7.3之前版本存在安全漏洞,该漏洞允许攻击者获得敏感信息。
介绍
# CVE-2020-11492
Proof-of-Concept (PoC) for Docker Desktop for Windows privilege escalation vulnerability. This vulnerability was
patched in Docker version 2.3.0.2 on May 11th, 2020.
This PoC performs the following:
- creates a named pipe mimicking docker named pipe `\\.\\pipe\\dockerLifecycleServer`,
- call `ImpersonateNamedPipeClient` after connection from docker service,
- retrieve and duplicate the impersonated access token from the current thread,
- launch a new process with the token. The new process will run as `SYSTEM`.
## Note
The right to impersonate the named pipe client is not held by standard users. To exploit, one must run this PoC as an account with the right, for example `nt authority\network service`.
# References
- https://www.pentestpartners.com/security-blog/docker-desktop-for-windows-privesc-cve-2020-11492/
文件快照
[4.0K] /data/pocs/5ac8fcbf813f4b78cbb0a44b626697b9211b1ddf
├── [4.0K] CVE-2020-11492
│ ├── [3.7K] CVE-2020-11492.cpp
│ ├── [7.2K] CVE-2020-11492.vcxproj
│ └── [1.0K] CVE-2020-11492.vcxproj.filters
├── [5.8M] cve-2020-11492.gif
├── [1.4K] CVE-2020-11492.sln
└── [ 846] README.md
1 directory, 6 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。