SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Adobe Acrobat Vendors:  Adobe Systems Incorporated
[Unconfirmed] Acrobat Reader Invalid-ID-Handle-Error Buffer Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1013774
SecurityTracker URL:  http://securitytracker.com/id?1013774
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  May 2 2005
Original Entry Date:  Apr 21 2005
Impact:  Execution of arbitrary code via network, User access via network
Version(s): 6.0 and prior versions
Description:  White-Knight of the Alpha Hackers Digital Security Team reported a vulnerability in Adobe Acrobat Reader. A remote user may be able to cause arbitrary code to be executed.

A remote user can reportedly create a specially crafted PDF file that, when loaded by Acrobat Reader, will trigger an Invalid-ID-Handle-Error in 'AcroRd32.exe'. User supplied values may be written to certain memory locations and potentially executed.

[Editor's note: The vendor has been unable to reproduce this. The vendor also indicates that the reporter has refused to provide sufficient details to confirm the issue. The author of the original report has not provided any additional vulnerability details to us, either. This report cannot be confirmed at this time and may be deleted from our database.]
Impact:  A remote user can reportedly create a PDF file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.adobe.com/ (Links to External Site)
Cause:  Boundary error
Underlying OS:  Windows (Any)
Reported By:  "White Knight" <whiteknight@alphahackers.com>
Message History:   None.

 Source Message Contents
Date:  Wed, 20 Apr 2005 14:43:50 +0330
From:  "White Knight" <whiteknight@alphahackers.com>
Subject:  Vulnerability in Adobe Acrobat Reader 6.0

 
 
Topic:                    Memory Handling Vulnerability in Adobe Acrobat Reader 6.0
Author:                   White-Knight (The manager of the Alpha Hackers Digital Security Team)
Author E-Mail Address:    whiteknight@alphahackers.com
Discovery Date:           April, 16 2005
Software affected:        Adobe Acrobat Reader 6.0 and prior
Exploitable:              Yes
Risk:                     Medium
Website:                  http://www.alphahackers.com
Thanks To:                C0nN3ct0r From Black_Devils B0ys Digital Network Security Group and
                          the members of the Alpha Hackers Digital Security Team.
 
 
Description:
 
AcroRd32.exe has a memory handling vulnerability with opening some PDF files.
This vulnerability makes an Invalid-ID-Handle-Error in the program that causes an attacker insert an 
input value 
in this address of memory: 74D91000.
The size of this memory address is: 00044000.
So it shows us that, this program is vulnerable for injecting executable codes.
I didn't have enough time to write the exploit of this vulnerability. if anyone has this time, 
just mail me for getting more information about this vulnerability.
 
 
 
Vendor:
 
http://www.adobe.com/


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2005, SecurityGlobal.net LLC