Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hacksysteam/CVE-2023-21608
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
https://github.com/hacksysteam/CVE-2023-21608
adobe adobe-reader aslr-bypass cfg-bypass cve-2023-21608 dep-bypass exploit rce use-after-free
Last synced: 3 months ago
JSON representation
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
- Host: GitHub
- URL: https://github.com/hacksysteam/CVE-2023-21608
- Owner: hacksysteam
- License: gpl-3.0
- Created: 2023-01-30T12:57:48.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2023-12-05T12:21:02.000Z (about 1 year ago)
- Last Synced: 2023-12-05T13:32:47.890Z (about 1 year ago)
- Topics: adobe, adobe-reader, aslr-bypass, cfg-bypass, cve-2023-21608, dep-bypass, exploit, rce, use-after-free
- Language: JavaScript
- Homepage: https://hacksys.io/blogs/adobe-reader-resetform-cagg-rce-cve-2023-21608
- Size: 19.5 KB
- Stars: 260
- Watchers: 5
- Forks: 60
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - hacksysteam/CVE-2023-21608 - Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit (JavaScript)
README
# CVE-2023-21608
[![Twitter Follow](https://img.shields.io/twitter/follow/HackSysTeam?style=social)](https://twitter.com/HackSysTeam)
[![Mastodon Follow](https://img.shields.io/mastodon/follow/109291325205105061?domain=https%3A%2F%2Finfosec.exchange&style=social)](https://infosec.exchange/@hacksysteam)
[![Discord Server](https://dcbadge.vercel.app/api/server/ns32uNhaq7?style=flat)](https://discord.com/invite/ns32uNhaq7)This bug was `Use after Free` which was caused during `resetForm` operation while handling object memory references.
## Blog
- [Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608](https://hacksys.io/blogs/adobe-reader-resetform-cagg-rce-cve-2023-21608)
## Advisory
- [CVE-2023-21608](https://hacksys.io/advisories/HI-2022-006)
## Demo
[![Adobe Acrobat Reader DC - UaF - Remote Code Execution - CVE-2023-21608](https://img.youtube.com/vi/cguBkC0opXk/0.jpg)](https://www.youtube.com/watch?v=cguBkC0opXk)