Client Side | Core Security

A code execution vulnerability exists in the way that Adobe Reader handles specially crafted .PDF files when opening in Internet Explorer 6 or 7 This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.

This module exploits a heap based buffer overflow vulnerability in Adobe Reader when handling a specially crafted .PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed font embedded. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

This module exploits a vulnerability in Adobe Reader when parsing a .PDF file with a malformed Flash file embedded. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by opening the malicious .PDF file in Adobe Reader.

This module exploits a vulnerability in Adobe Reader when parsing .PDF files. The vulnerability is caused due to a boundary error in authplay.dll when handling crafted malicious Flash (.SWF) file or by embedding a malicious Flash application in a .PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.

Adobe Premiere CS4 is prone to a vulnerability that may allow the execution of any library file named iacenc.dll, if this dll is located in the same folder than a .PPJ file. The attacker must entice a victim into opening a specially crafted .PPJ file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.

Adobe Pixel Bender Toolkit is prone to a vulnerability that may allow execution of tbbmalloc.dll if this dll is located in the same folder than .PBK file. The attacker must entice a victim into opening a specially crafted .PBK file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.

Adobe Photoshop CS5 is prone to a vulnerability that may allow execution of wintab32.dll if this dll is located in the same folder than .PSD file. The attacker must entice a victim into opening a specially crafted .PSD file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.

Adobe Photoshop CS4 is prone to a vulnerability that may allow execution of dwmapi.dll if this dll is located in the same folder than .PSD file. The attacker must entice a victim into opening a specially crafted .PSD file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.

Subscribe to Client Side

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum