Email address | private |
---|---|
First Active | 2008-07-10 |
Last Active | 2013-05-31 |
SketchUp is a 3D modeling program marketed by Google (2011) and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professions. SketchUp fails to validate the input when parsing an embedded MACPict texture. Arbitrary code execution is proved possible after a malicious texture or thumbnail or background image triggers a stack overflow. The issue can also be triggered when Windows Explorer reads the embedded thumbnail in a .skp file.
5d7db50f9ade70ce95f84ac3b672882ffe82ae29e7be793a09e28762eee3b890
SketchUp is a 3D modeling program marketed by Google (2011) and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professionals. SketchUp fails to validate the input when parsing an embedded BMP RLE8 compressed texture. Arbitrary code execution is proved possible after a malicious texture or thumbnail or background image triggers a heap overflow. The issue can also be triggered when Windows Explorer reads the embedded thumbnail in a .skp file.
17f8e6491de725a6356d5a28d83dd57f558bceb76d8c03f99d318c61e37535e5
This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This Metasploit module has been tested successfully on Adobe Reader X 10.1.4 over Windows 7 SP1.
362b070d8c1cff7e3047e6ccc9833c6d39410fbd8d44ca7e08e17d15068ff919
Adobe Illustrator CS5.5 memory corruption proof of concept exploit that spawns a calculator.
35acd4b2f3b86dad800d4dd1e04e53c4376cae35b9ee1d7a968284f59cf357ee
This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
7d4d1c9d8fe1d36f17d6776c8b9cbcf05cf5f1144bc437fe3eb1909f688d2b15
This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.
fdb0c241722cd2aa67d4eb9f05c46f52ce09ac8fae6eb7afb1cb35f20897926e
When a U3D CLODProgressiveMeshContinuation (blocktype: 0xFFFFFF3C) is parsed by Adobe Acrobat Reader U3D plugin the split position index is read from the input without any validation. That index is then used for getting an object out of the limits of the array, object from which a function pointer is dereferenced and called. Adobe Acrobat Reader version 8.1.6 and below and 9.1.3 and below are affected.
f13045466b5a75506fbe65fd83ad85cca5999df4143ceaf0a1f3d413d2624905
This is a detailed analysis regarding the U3D CLODProgressiveMeshDeclaration initialization array overrun that affects Adobe Acrobat Reader versions 7.x, 8.x, and 9.x. Exploit included.
c090417dc1342b3cda436100dd5256853c41e6b89eb64b311be1a05620d98e00
The libpoppler pdf rendering library can free uninitialized pointers leading to arbitrary code execution. This vulnerability results from memory management bugs in the Page class constructor/destructor. Proof of concept code included.
c1288b18cc7452b560c12a505d9330fb0bd9fbaa310774754459fd282a0736a0