module

Documalis Free PDF Editor and Scanner JPEG Stack Buffer Overflow

Try Surface Command
Back to search
Disclosed
2020-05-22
Created
2020-08-04

Description

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not
appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit
this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the
user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.

Authors

metacom
metacom27 metacom27@gmail.com

Platform

Windows

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use exploit/windows/fileformat/documalis_pdf_editor_and_scanner
    msf exploit(documalis_pdf_editor_and_scanner) > show targets
        ...targets...
    msf exploit(documalis_pdf_editor_and_scanner) > set TARGET < target-id >
    msf exploit(documalis_pdf_editor_and_scanner) > show options
        ...show and set options...
    msf exploit(documalis_pdf_editor_and_scanner) > exploit
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today