Title : Adobe Reader 11.0.0 Stack overflow
Version : 11.0.0.379
Date : 2012-11-01
Vendor : http://www.adobe.com/
Impact : Med
Contact : coolkaveh [at] rocketmail.com
Twitter : @coolkaveh
tested : Windows 7 X64 ENG
Author : coolkaveh
###########################################################################################################
Bug :
----
Don't forget that exploitable bugs will be published after being patched
----
Stack Exhaustion vulnerability during the handling of the pdf files.
That will trigger a denial of service condition
----
############################################################################################################
ADOBE_READLOGGER_CMD:PAUSE_LOG
ModLoad: 71770000 71799000 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
(23ac.1cc8): Stack overflow - code c00000fd (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00acefa8
ebx=004431a8
ecx=0000001c
edx=00000be7
esi=00443094
edi=00443130
eip=772a22a8
esp=00443000
ebp=0044300c iopl=0 nv up ei pl nz na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206
ntdll!RtlEnterCriticalSection+0x8:
772a22a8 56 push esi
###########################################################################################################
Proof of concept included.
http://www42.zippyshare.com/v/23669551/file.html
Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22464.pdf
