CVE-2023-21608 PoC — Adobe Acrobat Reader 资源管理错误漏洞

Source

https://github.com/Malwareman007/CVE-2023-21608

Associated Vulnerability

Title:Adobe Acrobat Reader 资源管理错误漏洞 (CVE-2023-21608)
Description:Adobe Acrobat Reader是美国奥多比（Adobe）公司的一款PDF查看器。该软件用于打印，签名和注释 PDF。 Adobe Acrobat Reader 22.003.20282（及更早版本）、22.003.20281（及更早版本）和 20.005.30418（及更早版本）存在资源管理错误漏洞，该漏洞源于受释放后重用漏洞影响，该漏洞可能导致在当前用户的上下文中执行任意代码。利用此问题需要用户交互，因为受害者必须打开恶意文件。

Description

Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit

Readme

# CVE-2023-21608
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit

# Blog
https://medium.com/@Kushagra007/adobe-acrobat-reader-resetform-cagg-uaf-rce-exploit-cve-2023-21608-652624346c8f

# DEMO

https://user-images.githubusercontent.com/86009160/218384322-c012229a-1a29-4b2d-b107-b55747e4ee10.mp4

File Snapshot


 [4.0K]  /data/pocs/ea945accf45e233363aaba2d20035d910b2cf2b5
├── [1.1K]  crash.js
├── [2.8K]  crash.pdf
├── [ 11K]  exploit.js
├── [ 13K]  exploit.pdf
├── [ 26K]  LICENSE
└── [ 318]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!