Kakkoi » buffer+overflow

Adobe Acrobat, Acrobat 3D & Reader Multiple Vulnerabilities

Noah Ark — Sat, 09 Feb 2008 14:35:38 +0000

A JavaScript Buffer Overflow in Adobe Acrobat, Acrobat 3D & Reader allowed remote attacker to execute arbitrary code. The code will run with the privileges of the target user opening the PDF document.

Excerpt from iDefense Public Advisory;

Adobe Reader and Acrobat implement a version of JavaScript in the EScript.api plug-in which is based on the reference implementation used in Mozilla products. One of the methods exposed allows direct control over low level features of the object, which in turn allows execution of arbitrary code.

Workaround

Disabled Adobe Reader & Acrobat JavaScript. Perform Update ↓

Update -Adobe Acrobat & Reader version 8.1.2

Adobe released version 8.1.2 of Adobe Reader, Acrobat & Acrobat 3D to address
these vulnerabilities.

These vulnerabilities were discovered by Greg MacManus of VeriSign iDefense Labs.

How to safely remove AcroRd32Info.exe (Adobe Reader)

External Links

Security update available for Adobe Reader and Acrobat 8 (APSA08-01)

Block Apple Quicktime ActiveX & RTSP Exploit

Nick B — Thu, 06 Dec 2007 17:45:50 +0000

Apple QuickTime contains a stack buffer overflow vulnerability in the way it handles the RTSP Content-Type header. This vulnerability may be exploited by specially crafted RTSP stream protocol

Live Example

Elia Florio (Symantec) wrap a good introduction post regarding QuickTime 0 day Exploit.

Workarounds

You may try the following workarounds, as there is no complete patch for this this vulnerability.

Block TCP port 554 (optionaly 7070) and UDP 6970 through 6999 in your firewall

Update Quicktime

Disabled Apple Quicktime ActiveX control running in Internet Explorer (Windows registry file)

For Firefox - Noscripts addons