[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Adobe Reader invalid root page node Count value DOS
From:       Hongzhen Zhou <felix__zhou () hotmail ! com>
Date:       2005-02-18 1:33:22
Message-ID: 20050218013322.12994.qmail () www ! securityfocus ! com
[Download RAW message or body]



         Adobe Reader invalid root page node Count value DOS

Author
======
    Fortinet,inc (hongzhen zhou <felix__zhou _at_ hotmail _dot_ com>)

Vulnerable
==========
    Acrobat Reader 7.0.0 for Windows (English Version) -- latest version
    Acrobat Reader 6.0.3 for Windows (Simplied Chinese Version)
    ( Other versions are not tested. )

Description
===========
When the "Count" value of the root page node set to a negative digit, the Adobe \
Reader may not crash immediately, but if the user used mouse to click the client \
rectangle of the Reader immediately, then it died. I change the "PageMode" value of \
"Catalog"  to "FullScreen"(that means display the document in full-screen mode),
then the Reader crashes immediately and automatically:). 

POC
===
    http://www.xfocus.net/tools/200502/POC.pdf


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic