Adobe Reader 9.3.0 DLL Hijacking
Posted on 26 October 2016
===================================================== # Adobe Reader 9.3.0 - DLL Hijacking ===================================================== # Vendor Homepage: https://www.adobe.com/ # Date: 24 Oct 2016 # Version : 9.3.0 # Author: Ashiyane Digital Security Team # Contact: hehsan979@gmail.com ===================================================== # PoC: 1. Create a malicious dll file with name "AcroRd32.dll" and save it in "C:Program FilesAdobeReader 9.0Reader" directory. 2. Execute "AcroRd32.exe" from "C:Program FilesAdobeReader 9.0Reader" directory. 3. Malicious dll file gets executed. ===================================================== # Discovered By : Ehsan Hosseini =====================================================