This module exploits a vulnerability in Adobe Reader and Acrobat 8.0.1 and earlier on systems with Internet Explorer 7 installed. The module will send an e-mail with an attached .pdf file. This file will deploy an agent when opened by the user.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in Adobe Reader and Acrobat 7.0.8 and earlier, which allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. The module will send an e-mail with an attached .pdf file. This file will deploy an agent when opened by the user. Additionally, the module will allow users to download the malformed .pdf file from Core Impact's Web Server. Also, this module can drop a specially crafted PDF file in a local folder of the user's choice. This file can later be placed in a shared folder. Exploitation will occur in the first case when the user double clicks on the file.
This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in newplayer() method in multimedia.api. This can be exploited to cause a buffer overflow when a specially crafted .PDF file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in collectEmailInfo() method in EScript.api. This can be exploited to cause a stack-based buffer overflow when a specially crafted PDF file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a stack based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a heap based buffer overflow vulnerability in Adobe Reader when handling a specially crafted PDF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
The vulnerability is caused due to a boundary error in MAIPM6.DLL when handling font names in PageMaker (.PMD) files. This can be exploited to cause a stack-based buffer overflow via a specially-crafted .PMD file containing an overly long font name.
Adobe LiveCycle Designer is prone to a vulnerability that may allow the execution of any library file named objectassisten_US.dll, if this dll is located in the same folder than a .TDS file. The attacker must entice a victim into opening a specially crafted .TDS file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Adobe InDesign CS4 is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .INX file. The attacker must entice a victim into opening a specially crafted .INX file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Subscribe to Windows