9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.943 High
EPSS
Percentile
99.0%
Name | adobe_flash_otf_parsing |
---|---|
CVE | CVE-2012-1535 Exploit Pack |
VENDOR: Adobe | |
Notes: | |
This exploit takes advantage of a integer overflow that leads to a heap based buffer overflow. The | |
kern_table contains an integer that when set to >= 0x1000000 leads to integer wrap which eventually | |
triggers a function pointer call. |
Using a carefully constructed heap spray, an attacker can control the memory located at the
function pointer and achieve reliable code execution.
Tested on:
Usage (important):
This exploit will most likley not work with the js_recon module as loading third party
software will damage heap offsets.
VersionsAffected: Adobe Flash Player 11.3.300.257/11.3.300.265/11.3.300.268
Repeatability: Once
References: http://www.adobe.com/support/security/bulletins/apsb12-18.html
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1535
Date public: 07/16/2012
CVSS: 9.0