module

VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow

Try Surface Command
Back to search
Disclosed
Jun 16, 2008
Created
May 30, 2018

Description

The VeryPDF PDFView ActiveX control is prone to a heap buffer-overflow
because it fails to properly bounds-check user-supplied data before copying
it into an insufficiently sized memory buffer. An attacker can exploit this issue
to execute arbitrary code within the context of the affected application.

Authors

MC mc@metasploit.com
dean dean@zerodaysolutions.com

Platform

Windows

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use exploit/windows/browser/verypdf_pdfview
    msf exploit(verypdf_pdfview) > show targets
        ...targets...
    msf exploit(verypdf_pdfview) > set TARGET < target-id >
    msf exploit(verypdf_pdfview) > show options
        ...show and set options...
    msf exploit(verypdf_pdfview) > exploit
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today