SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption



EDB-ID: 18771 CVE: N/A OSVDB-ID: 81322
Author: shinnai Published: 2012-04-23 Verified: Not Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
=============================================================================
 SumatraPDF v2.0.1 chm and mobi files memory corruption

 Author: shinnai
 mail:   shinnai[at]autistici[dot]org
 site:   http://shinnai.altervista.org/

 This was written for educational purpose. Use it at your own risk.
 Author will be not responsible for any damage.

 Tested on:
 Microsoft Windows 7 Professional 
 6.1.7601 Service Pack 1 build 7601

 Info:
 PoC released as is, I have no time at the moment for further investigations
=============================================================================
=============================================================================

 Proof of concept:

http://shinnai.altervista.org/exploits/sumatra.rar
http://www.exploit-db.com/sploits/18771.rar

=============================================================================
=============================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32)

iQIcBAEBAgAGBQJPlP/0AAoJEJlK/ai8vywmZAMP/RGuHEXp0wa1VGI1sNrGUg98
7WifnPAeQfLmYkEYY/kugvz+Sba/yG2zJZCg+t5DBgANCVe54PHfkudqUVSmtM/l
DbZpSbcYX4IGKDt7hY1C7AT5buhRxJS1H4qE6HDE0vC8Lo3ZEwj1f6ArXwvPGL3W
kOp9CKL8W/6dL1FTTyyEfsCi52XmyoG5rP40xqzrW++m1PEZVt/kGtv+cS0Rl2Mq
sWkFqEJn0DhZj0XZyIm8mNcZofR4a6LBLWK9JwOQcgXbva1mkdM1+sOX9sd82WLJ
t6uZKXJ7jV5BfsajnNmupHE/RWgxu4fSYEnyIJqYljlBGjxbVSzDVB3qRq9rTEz4
hiWHVv1/QIup8OtpV5CUjwPt55mQGHkfBoXcIa26dIHGb4CKeuxX7sMBA7Ip8XR4
l7Ku9YXjGZMmNbc8NfsB4Td/H5teAR1cR1j9lWvAEnQe7vDnjq5EdHyNLGmtg4Z3
9Ky9YYA2ZH/QgFNAXv4U6drZ4YISRqWKS7u3Wyvwv3o8+yNWZ3UUIiRpm7MAkWQa
Y7E4WBoMmMkexYn/iqarbBDDe5lIU8z+9H538u/JhiJfCYoCCKW5ga1MA+64vLCj
8SnMpqB0hupl0LLCXTXapGfefOsm9gkEm31oC9U8Bsi0O4zWF6+Q7EipPLd9AkjC
hfANp4pmPDJGnYkagOxx
=q6Gx
-----END PGP SIGNATURE-----