| Email address | private |
|---|---|
| First Active | 2008-07-10 |
| Last Active | 2013-05-31 |
SketchUp is a 3D modeling program marketed by Google (2011) and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professions. SketchUp fails to validate the input when parsing an embedded MACPict texture. Arbitrary code execution is proved possible after a malicious texture or thumbnail or background image triggers a stack overflow. The issue can also be triggered when Windows Explorer reads the embedded thumbnail in a .skp file.
5d7db50f9ade70ce95f84ac3b672882ffe82ae29e7be793a09e28762eee3b890SketchUp is a 3D modeling program marketed by Google (2011) and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professionals. SketchUp fails to validate the input when parsing an embedded BMP RLE8 compressed texture. Arbitrary code execution is proved possible after a malicious texture or thumbnail or background image triggers a heap overflow. The issue can also be triggered when Windows Explorer reads the embedded thumbnail in a .skp file.
17f8e6491de725a6356d5a28d83dd57f558bceb76d8c03f99d318c61e37535e5This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This Metasploit module has been tested successfully on Adobe Reader X 10.1.4 over Windows 7 SP1.
362b070d8c1cff7e3047e6ccc9833c6d39410fbd8d44ca7e08e17d15068ff919Adobe Illustrator CS5.5 memory corruption proof of concept exploit that spawns a calculator.
35acd4b2f3b86dad800d4dd1e04e53c4376cae35b9ee1d7a968284f59cf357eeThis Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
7d4d1c9d8fe1d36f17d6776c8b9cbcf05cf5f1144bc437fe3eb1909f688d2b15This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
fdb0c241722cd2aa67d4eb9f05c46f52ce09ac8fae6eb7afb1cb35f20897926eWhen a U3D CLODProgressiveMeshContinuation (blocktype: 0xFFFFFF3C) is parsed by Adobe Acrobat Reader U3D plugin the split position index is read from the input without any validation. That index is then used for getting an object out of the limits of the array, object from which a function pointer is dereferenced and called. Adobe Acrobat Reader version 8.1.6 and below and 9.1.3 and below are affected.
f13045466b5a75506fbe65fd83ad85cca5999df4143ceaf0a1f3d413d2624905This is a detailed analysis regarding the U3D CLODProgressiveMeshDeclaration initialization array overrun that affects Adobe Acrobat Reader versions 7.x, 8.x, and 9.x. Exploit included.
c090417dc1342b3cda436100dd5256853c41e6b89eb64b311be1a05620d98e00The libpoppler pdf rendering library can free uninitialized pointers leading to arbitrary code execution. This vulnerability results from memory management bugs in the Page class constructor/destructor. Proof of concept code included.
c1288b18cc7452b560c12a505d9330fb0bd9fbaa310774754459fd282a0736a0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed