Acrobat Reader多个远程溢出漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1111951 漏洞类型 输入验证
发布时间 2007-01-06 更新时间 2007-01-15
CVE编号 CVE-2007-0103 CNNVD-ID CNNVD-200701-070
漏洞平台 Linux CVSS评分 6.8
|漏洞来源
https://www.exploit-db.com/exploits/29399
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200701-070
|漏洞详情
AcrobatReader是非常流行的PDF文件阅读器。PDF格式将文档对象层次的根定义为"目录词典",目录中包含有到对象的引用、构成文档内容的数据及其属性,以及定义如何向用户显示文档的指令。当前的PDF规范中存在设计错误,如果引用了无效的页面树节点或对象的话,目录中恶意的Pages项设置或恶意的目录词典可能会出现非预期的情况,包括内存破坏、内存泄漏或拒绝服务。
|漏洞EXP
source: http://www.securityfocus.com/bid/21910/info

Multiple PDF readers are prone to multiple remote buffer-overflow vulnerabilities because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer. 

An attacker may be able exploit this issue to execute arbitrary code within the context of the affected application. In some circumstances, the vulnerability can be exploited only to cause a denial of service.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/29399.pdf
|参考资料

来源:US-CERT
名称:TA07-072A
链接:http://www.us-cert.gov/cas/techalerts/TA07-072A.html
来源:XF
名称:multiple-vendor-pdf-code-execution(31364)
链接:http://xforce.iss.net/xforce/xfdb/31364
来源:SECTRACK
名称:1017749
链接:http://www.securitytracker.com/id?1017749
来源:BID
名称:21910
链接:http://www.securityfocus.com/bid/21910
来源:VUPEN
名称:ADV-2007-0930
链接:http://www.frsirt.com/english/advisories/2007/0930
来源:SECUNIA
名称:24479
链接:http://secunia.com/advisories/24479
来源:MISC
链接:http://projects.info-pull.com/moab/MOAB-06-01-2007.html
来源:docs.info.apple.com
链接:http://docs.info.apple.com/article.html?artnum=305214