[EXPL] Adobe Acrobat acroie Denial of Service
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 11 Sep 2008 21:35:20 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
- - - - - - - - -
Adobe Acrobat acroie Denial of Service
A vulnerability in Adobe Acrobat 9 allow attackers to cause the program to
crash by providing it with a malformed URL, the following exploit can be
used to test your system for the mentioned vulnerability.
* Adobe Acrobat 9
<!-- Jeremy Brown (0xjbrown41@xxxxxxxxx/jbrownsec.blogspot.com)
Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista
I can't seem to reproduce this on XP! Oh well.
Of course the most popular app for reading pdfs is SfS/SfI :)
Basically it will crash with any uri that adobe doesn't like.
Also interesting: try with file:///DoS and look in bottom left area
target.src = arg1
The information has been provided by <mailto:0xjbrown41@xxxxxxxxx> Jeremy
The original article can be found at:
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [UNIX] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences
- Next by Date: [EXPL] Wordpress Column Truncation Allows Adminstrative Takeover (register)
- Previous by thread: [UNIX] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences
- Next by thread: [EXPL] Wordpress Column Truncation Allows Adminstrative Takeover (register)