Adobe FlateDecode Stream Predictor 02 Integer Overflow
This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
Module Name
exploit/windows/fileformat/adobe_flatedecode_predictor02
Authors
- unknown
- jduck <jduck [at] metasploit.com>
References
Targets
- Adobe Reader Windows Universal (JS Heap Spray)
Platforms
- windows
Reliability
Development
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/windows/fileformat/adobe_flatedecode_predictor02
msf exploit(adobe_flatedecode_predictor02) > show targets
...targets...
msf exploit(adobe_flatedecode_predictor02) > set TARGET <target-id>
msf exploit(adobe_flatedecode_predictor02) > show options
...show and set options...
msf exploit(adobe_flatedecode_predictor02) > exploit
Related Vulnerabilities
- CESA-2009:1499: acroread security update
- APSB09-15: Security updates available for Adobe Reader and Acrobat (CVE-2009-3459)
- Sun Patch: SunOS 5.10: Adobe Acrobat Reader patch
- SUSE Linux Security Advisory: SUSE-SA:2009:049
- RHSA-2009:1499: acroread security update
- SUSE Linux Security Vulnerability: CVE-2009-3459
- Adobe APSB09-15: Adobe Reader Remote Code Execution Vulnerability