Skip to content
cyberexploits
localwindowstext

Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion Exploit

Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion Exploit

Published on 2011-07-03

Source code

Pinned to commit 7eac4c3a2ce5
textplatforms/windows/local/17473.txt7eac4c3a
raw
# Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit

# Date: 7/3/2011

# Author: Snake ( Shahriyar.j < at > gmail )

# Version: Adobe Reader X < 10.1

# Tested on: 10.0.0 - 10.0.1 - Windows 7 - IE/FF/Opera

# CVE : CVE-2011-0611

#

#This is the exploit I wrote for Abysssec "The Arashi" article.

#It gracefully bypass DEP/ASLR ( not the sandbox ) in Adobe Reader X,

#and we named this method "Tatsumaki DEP/ASRL Bypass" : >

#It work reliably on IE9/FF4 and other browsers.

#

# The Arashi : http://abysssec.com/files/The_Arashi.pdf

               http://www.exploit-db.com/docs/17469.pdf

# me : twitter.com/ponez

# also check here for The Persian docs of this methods and more :

http://www.0days.ir/article/



Exploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/17473.pdf (cve-2011-0611_exploit.pdf)



View on GitHub