CVE-2013-2729 PoC — Adobe Reader和Acrobat 数字错误漏洞

Source

Associated Vulnerability

Readme

#Adobe Reader BMP/RLE heap corruption - CVE-2013-2729

Adobe Reader X is a powerful software solution developed by Adobe Systems to view, create, manipulate, print and manage files in Portable Document Format (PDF). Since version 10 it includes the Protected Mode, a sandbox technology similar to the one in Google Chrome which improves the overall security of the product. 

- Title:               Adobe Reader BMP/RLE heap corruption
- CVE Name:            CVE-2013-2729
- Permalink:           http://blog.binamuse.com/2013/05/readerbmprle.html
- Date published:      2013-05-14
- Date of last update: 2013-05-14
- Class:               Client side Integer Overflow


Adobe Reader X fails to validate the input when parsing an embedded BMP RLE encoded image. Arbitrary code execution in the context of the sandboxed process is proved possible after a malicious bmp image triggers a heap overflow. Quick links: [White paper](http://www.binamuse.com/papers/XFABMPReport.pdf), [Exploit generator in python](https://github.com/feliam/CVE-2013-2729/blob/master/XFABMPExploit.py) and [PoC.pdf](https://github.com/feliam/CVE-2013-2729/blob/master/E10.1.4.pdf?raw=true) for Reader 10.1.4. 

Antivirus test ~1 year later (03/2014):
* Avast: https://www.youtube.com/watch?v=S3X_zsy4k28
* Bitdefender: https://www.youtube.com/watch?v=XF25bzzwZk0

File Snapshot

 [4.0K]  /data/pocs/14dbdbb3d4a08dd999f52169babb3cc05a46e476
├── [395K]  E10.1.4.pdf
├── [4.0K]  minipdf
│   ├── [ 15K]  filters.py
│   ├── [  65]  __init__.py
│   ├── [ 25K]  lzw.py
│   ├── [7.7K]  minipdfo.py
│   └── [5.7K]  minipdf.py
├── [1.3K]  README.md
└── [ 28K]  XFABMPExploit.py

1 directory, 8 files

Remarks