Title : Adobe Reader 11.0.0 Stack overflow Version : 11.0.0.379 Date : 2012-11-01 Vendor : http://www.adobe.com/ Impact : Med Contact : coolkaveh [at] rocketmail.com Twitter : @coolkaveh tested : Windows 7 X64 ENG Author : coolkaveh ########################################################################################################### Bug : ---- Don't forget that exploitable bugs will be published after being patched ---- Stack Exhaustion vulnerability during the handling of the pdf files. That will trigger a denial of service condition ---- ############################################################################################################ ADOBE_READLOGGER_CMD:PAUSE_LOG ModLoad: 71770000 71799000 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll (23ac.1cc8): Stack overflow - code c00000fd (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00acefa8 ebx=004431a8 ecx=0000001c edx=00000be7 esi=00443094 edi=00443130 eip=772a22a8 esp=00443000 ebp=0044300c iopl=0 nv up ei pl nz na pe nc cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206 ntdll!RtlEnterCriticalSection+0x8: 772a22a8 56 push esi ########################################################################################################### Proof of concept included. http://www42.zippyshare.com/v/23669551/file.html Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22464.pdf