One Article Review
| Source |  Fortinet |
|---|---|
| Identifiant | 4447 |
| Date de publication | 2016-07-20 09:52:44 (vue: 2016-07-20 09:52:44) |
| Titre | Analysis of CVE-2016-4203 - Adobe Acrobat and Reader CoolType Handling Heap Overflow Vulnerability (Recyclage) |
| Texte | SummaryRecently, Adobe patched some security vulnerabilities in Adobe Acrobat and Reader. One of them is a heap buffer overflow vulnerability (CVE-2016-4203) I recently discovered. In this blog, we want to share our analysis of this vulnerability.Proof of ConceptThis vulnerability can be reproduced by opening the PoC file “poc_minimized.pdf” with Adobe Reader DC. When opened, AcroRd32.exe crashes, and the crash information is shown below:(8de0.6bc4): Access violation - code c0000005 (first chance)First chance exceptions... |
| Notes | |
| Envoyé | Oui |
| Condensat | 2016 4203 6bc4 8de0 access acrobat acrord32 adobe analysis below: blog buffer c0000005 can chance code conceptthis cooltype crash crashes cve discovered exceptions exe file first handling heap information minimized one opened opening overflow patched pdf†poc proof reader recently reproduced security share shown some summaryrecently them violation vulnerabilities vulnerability want when “poc |
| Tags | |
| Stories | |
| Move | 
|
Les reprises de l'article (1):
| Source | Fortinet |
|---|---|
| Identifiant | 2484 |
| Date de publication | 2016-06-06 20:43:36 (vue: 2016-06-06 20:43:36) |
| Titre | Analysis of Use-After-Free Vulnerability (CVE-2016-4119) in Adobe Acrobat and Reader |
| Texte | SummaryRecently, Adobe patched some security vulnerabilities in Adobe Acrobat and Reader. One of them is a use-after-free vulnerability (CVE-2016-4119) discovered by Fortinet's FortiGuard Labs. In this blog, we want to share our analysis of this vulnerability.Proof of ConceptThis vulnerability can be reproduced by opening the PDF file “PoC_decrypt.pdf” with Adobe Reader DC. When opened, AcroRd32.exe crashes, and the crash information shows the following:(28d8.110): Access violation - code c0000005 (first chance)First chance exceptions are reported... |
| Notes | ★★★★ |
| Envoyé | Oui |
| Condensat | 110 2016 28d8 4119 access acrobat acrord32 adobe after analysis are blog c0000005 can chance code conceptthis crash crashes cve decrypt discovered exceptions exe file first following: fortiguard fortinet's free information labs one opened opening patched pdf pdf†proof reader reported reproduced security share shows some summaryrecently them use violation vulnerabilities vulnerability want when “poc |
| Tags | |
| Stories | |
| Move |
|
L'article ne semble pas avoir été repris sur un précédent.