Adobe Flash Pointer Crash in Button Handling

2015-08-19T00:00:00
ID EDB-ID:37869
Type exploitdb
Reporter Google Security Research
Modified 2015-08-19T00:00:00

Description

Adobe Flash Pointer Crash in Button Handling. CVE-2015-5547. Dos exploit for linux platform

                                        
                                            Source: https://code.google.com/p/google-security-research/issues/detail?id=399&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id

The attached sample, signal_sigsegv_7ffff60a1429_9554_f4dc661554237404dfe394d4c6c3e674.swf, crashes in this manner on Linux x64:

=> 0x00007f693158481f:	movzbl (%rcx),%r11d
rcx            0x3102ffffecfd	53888954658045

The base sample from which this fuzz case was generated is also attached. We believe this may be related to button handling.

Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/37869.zip