mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-23 19:04:02 +02:00
0xMarcio
993 B
993 B
CVE-2009-1492
Description
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.
POC
Reference
- http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt
- https://www.exploit-db.com/exploits/8569