Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   Adobe Acrobat/Reader Vendors:   Adobe Systems Incorporated
[Unconfirmed] Acrobat Reader Invalid-ID-Handle-Error Buffer Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1013774
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  May 2 2005
Original Entry Date:  Apr 21 2005
Impact:   Execution of arbitrary code via network, User access via network

Version(s): 6.0 and prior versions
Description:   White-Knight of the Alpha Hackers Digital Security Team reported a vulnerability in Adobe Acrobat Reader. A remote user may be able to cause arbitrary code to be executed.

A remote user can reportedly create a specially crafted PDF file that, when loaded by Acrobat Reader, will trigger an Invalid-ID-Handle-Error in 'AcroRd32.exe'. User supplied values may be written to certain memory locations and potentially executed.

[Editor's note: The vendor has been unable to reproduce this. The vendor also indicates that the reporter has refused to provide sufficient details to confirm the issue. The author of the original report has not provided any additional vulnerability details to us, either. This report cannot be confirmed at this time and may be deleted from our database.]

Impact:   A remote user can reportedly create a PDF file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  Vulnerability in Adobe Acrobat Reader 6.0

Topic:                    Memory Handling Vulnerability in Adobe Acrobat Reader 6.0
Author:                   White-Knight (The manager of the Alpha Hackers Digital Security Team)
Author E-Mail Address:
Discovery Date:           April, 16 2005
Software affected:        Adobe Acrobat Reader 6.0 and prior
Exploitable:              Yes
Risk:                     Medium
Thanks To:                C0nN3ct0r From Black_Devils B0ys Digital Network Security Group and
                          the members of the Alpha Hackers Digital Security Team.


AcroRd32.exe has a memory handling vulnerability with opening some PDF files.
This vulnerability makes an Invalid-ID-Handle-Error in the program that causes an attacker insert an input value 
in this address of memory: 74D91000.
The size of this memory address is: 00044000.
So it shows us that, this program is vulnerable for injecting executable codes.
I didn't have enough time to write the exploit of this vulnerability. if anyone has this time, 
just mail me for getting more information about this vulnerability.


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC