CVE-2014-0514
published 2014-04-15CVE-2014-0514: The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary…
PriorityP271critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
72.00%
99.4th percentile
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | adobe_reader | <= 11.1.3 | — |
| adobe | adobe_reader | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect JavaScript in PDFs referencing the window._app, window._doc, or window._adobereader objects, which are the exposed insecure JavascriptInterface bridge names used in exploitation. ↗
- →The Metasploit module embeds a webview_addjavascriptinterface browser exploit inside a PDF; look for PDF files containing compressed/encoded JavaScript streams consistent with this technique, particularly targeting ARM, MIPS, or x86 Android architectures. ↗
- ·The Metasploit module defaults to the Android ARM target; separate payloads/shellcode are required for MIPSLE and x86 Android architectures. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Adobe Reader for Android < 11.2.0 - 'addJavascriptInterface' Local Overflow (Metasploit)
exploitdb·2014-06-17
CVE-2014-0514 Adobe Reader for Android < 11.2.0 - 'addJavascriptInterface' Local Overflow (Metasploit)
Adobe Reader for Android 'Adobe Reader for Android addJavascriptInterface Exploit',
'Description' => %q{
Adobe Reader versions less than 11.2.0 exposes insecure native
interfaces to untrusted javascript in a PDF. This module embeds the browser
exploit from android/webview_addjavascriptinterface into a PDF to get a
command shell on vulnerable versions of Reader.
},
'License' => MSF_LICENSE,
'Author' => [
'Yorick Koster', # discoverer
'joev' # msf module
],
'References' =>
[
[ 'CVE', '2014-0514' ],
[ 'EDB', '32884' ],
[ 'OSVDB', '105781' ],
],
'Platform' => 'android',
'DefaultOptions' => {
'PAYLOAD' => 'android/meterpreter/reverse_tcp'
},
'Targets' => [
[ 'Android ARM', {
'Platform' => 'android',
'Arch' => ARCH_ARMLE
}
],
[ 'Android MIPSLE', {
'Platform' => 'android',
'Arch' => ARCH_MIPSLE
}
Exploit-DB
Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution
exploitdb·2014-04-15
CVE-2014-0514 Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution
Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution
---
Adobe Reader for Android exposes insecure Javascript interfaces
Yorick Koster, April 2014
Abstract
Adobe Reader for Android [2] exposes several insecure Javascript
interfaces. This issue can be exploited by opening a malicious PDF in
Adobe Reader. Exploiting this issue allows for the execution of
arbitrary Java code, which can result in a compromise of the documents
stored in Reader and files stored on SD card.
Tested versions
This issue was successfully verified on Adobe Reader for Android
version 11.1.3.
Fix
Adobe released version 11.2.0 of Adobe Reader that add
@JavascriptInterface [3] annotations to public methods that should be
exposed in the Javascript interfaces. In addition, the app now targets
API Level 17 a
Metasploit
Adobe Reader for Android addJavascriptInterface Exploit
metasploit
Adobe Reader for Android addJavascriptInterface Exploit
Adobe Reader for Android addJavascriptInterface Exploit
Adobe Reader versions less than 11.2.0 exposes insecure native interfaces to untrusted javascript in a PDF. This module embeds the browser exploit from android/webview_addjavascriptinterface into a PDF to get a command shell on vulnerable versions of Reader.
No writeups or analysis indexed.
http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.htmlhttp://packetstormsecurity.com/files/127113/Adobe-Reader-for-Android-addJavascriptInterface-Exploit.htmlhttp://seclists.org/fulldisclosure/2014/Apr/192http://www.exploit-db.com/exploits/32884http://www.exploit-db.com/exploits/33791http://www.osvdb.org/105781http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.htmlhttp://www.securityfocus.com/archive/1/531831/100/0/threadedhttp://www.securityfocus.com/bid/66798http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.htmlhttp://packetstormsecurity.com/files/127113/Adobe-Reader-for-Android-addJavascriptInterface-Exploit.htmlhttp://seclists.org/fulldisclosure/2014/Apr/192http://www.exploit-db.com/exploits/32884http://www.exploit-db.com/exploits/33791http://www.osvdb.org/105781http://www.securify.nl/advisory/SFY20140401/adobe_reader_for_android_exposes_insecure_javascript_interfaces.htmlhttp://www.securityfocus.com/archive/1/531831/100/0/threadedhttp://www.securityfocus.com/bid/66798
2014-04-15
Published