Short Name |
HTTP:OVERFLOW:ACROBATX-HEAP |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Acrobat Reader ActiveX Component Heap Overflow |
Release Date |
2004/08/18 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against the Adobe Acrobat Reader ActiveX component. Attackers can send an overly long URL that, when interpreted by Adobe Acrobat, enables attackers to execute arbitrary code on the target host.
Adobe Acrobat/Acrobat Reader ActiveX control (pdf.ocx) is reported prone to a heap-based buffer overrun vulnerability, the issue presents itself due to a lack of sufficient boundary checking performed on URI data of GET requests. It is reported that Microsoft IIS and Netscape Enterprise servers employ NULL bytes as URI terminators and so these HTTP servers may be used to launch an attack. When a malicious URI is followed, the URI is copied into heap-based memory of the affected software without sufficient boundary checks. This results in heap-based memory management chunks being trampled by attacker-supplied URI data. Ultimately this vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of the user who is running the vulnerable software.