Vulners
Lucene search
Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization
🗓️ 14 Dec 2015 00:00:00Reported by Google Security ResearchType 
exploitdb🔗 www.exploit-db.com👁 22 Views
Source: https://code.google.com/p/google-security-research/issues/detail?id=548
If IExternalizable.readExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a 'method' outside of the ActionScript object's ActionScript vtable, leading to memory corruption.
A sample swf is attached. ActionScript code is also attached, but it does not compile to the needed to swf. To get the PoC, decompress the swf using flasm -x myswf, and then search for "teadExternal" and change it to "readExternal".
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38969.zipData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
14 Dec 2015 00:00Current
7.4High risk
Vulners AI Score7.4