Cool PDF Reader 3.0.2.256 - Buffer Overflow

EDB-ID:

24463


Platform:

Windows

Published:

2013-02-07

# Exploit Title: Cool PDF Reader 3.0.2.256 buffer overflow
# Vulnerability Disclosed to US-CERT by Chris Gabriel: 11-20-2012
# Emailed vendor: 12-4-2012
# Francis Provencher discovered vulnerability and reported to Secunia: 12-19-2012
# Vulnerability Discovery: Francis Provencher (Protek Research Lab's) @ProtekResearch
# Vulnerability Discovery: Chris Gabriel
# Exploit Author: Chris Gabriel
# Vendor Homepage: http://www.pdf2exe.com/reader.html
# Version: CoolPDF 3.0.2.256 
# Tested on: Windows XP SP3
# CVE: CVE-2012-4914
# Reference: http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70
# Reference: http://secunia.com/advisories/51602

PoC:  https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/24463.py