CVSS2 | 9.3 High |
---|---|
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
EPSS | 0.969 High |
EPSS Percentile | 99.6% |

Name | adobe_flash_regexp |
---|---|
CVE | CVE-2013-0634 Exploit Pack |
Vendor | Adobe |
Notes:
This module exploits a heap-based buffer overflow in Adobe Flash Player that occurs while handling a regex object.
It bypasses ASLR by leaking a vtable pointer.
Specifically, this exploit works on the following versions:
- 11.5.502.146
- 11.5.502.135
- 11.5.502.110
- 11.4.402.287
- 11.4.402.278
- 11.4.402.265
Versions outside this list use an alternate heap manager, so this exploit will require
modification to work on those specific versions.
Tested on:
Windows 7 SP1 with IE 8
Windows 7 SP1 Firefox 19.0
Flash 11.4.402.278
Usage:
python ./exploits/clientd/clientd.py -l 192.168.1.10 -d 5555 -O server_port:8080 -O allowed_attack_modules:adobe_flash_regexp -O auto_detect_exploits:0
python commandlineInterface.py -v 17 -p5555
VersionsAffected: Adobe Flash Player for Windows <= 10.3.183.51 and 11.x before 11.5.502.149
Repeatability: One-shot
References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0634
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0634
Date public: 08/02/2013