CVE-2007-6561

PDFLib - Stack-Based Buffer Overflow via Long Filename in PDF_load_image Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6561. PoCs published by poplix.

AI-analyzed exploit summary This exploit targets a privilege escalation vulnerability in Jupiter 1.1.5ex by manipulating session data and authorization parameters. It automates the process of logging in with a low-privilege account and escalating it to full access.

Description

Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by poplix · phpremotephp

https://www.exploit-db.com/exploits/30928

View Code ZIP pw:eip

This exploit targets a privilege escalation vulnerability in Jupiter 1.1.5ex by manipulating session data and authorization parameters. It automates the process of logging in with a low-privilege account and escalating it to full access.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Jupiter 1.1.5ex

Auth required

Prerequisites: Valid low-privilege account credentials on the target Jupiter installation

MITRE ATT&CK