Cool PDF Reader 3.0.2.256 Buffer Overflow

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Cool PDF Reader 3.0.2.256 Buffer Overflow
# Published : 2013-02-07
# Author :
# Previous Title : Sumatra 2.1.1/MuPDF 1.0 Integer Overflow
# Next Title : Cam2pc 4.6.2 - BMP Image Processing Integer Overflow Vulnerability

# Exploit Title: Cool PDF Reader 3.0.2.256 buffer overflow
# Vulnerability Disclosed to US-CERT by Chris Gabriel: 11-20-2012
# Emailed vendor: 12-4-2012
# Francis Provencher discovered vulnerability and reported to Secunia: 12-19-2012
# Vulnerability Discovery: Francis Provencher (Protek Research Lab's) @ProtekResearch
# Vulnerability Discovery: Chris Gabriel
# Exploit Author: Chris Gabriel
# Vendor Homepage: http://www.pdf2exe.com/reader.html
# Version: CoolPDF 3.0.2.256 
# Tested on: Windows XP SP3
# CVE: CVE-2012-4914
# Reference: http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70
# Reference: http://secunia.com/advisories/51602

PoC:  http://www.exploit-db.com/sploits/24463.py