Lucene search
Google Security ResearchEDB-ID:41423HistoryFeb 21, 2017 - 12:00 a.m.
Adobe Flash - YUVPlane Decoding Heap Overflow
2017-02-2100:00:00
Google Security Research
www.exploit-db.com
19
AI Score
7.4
Confidence
Low
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1008
The attached FLV file causes a heap overflow in YUVPlane decoding.
To reproduce, put LoadMP4.swf and yuvplane.flv on a server, and visit 127.0.0.1/LoadMP4.swf?file=yvplane.flv.
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41423.zipRelated
seebug
seebug
Adobe Flash: Heap Overflow in YUVPlane decoding (CVE-2017-2986)
2017-02-23 00:00:00
cvelist
cvelist
CVE-2017-2986
2017-02-15 06:11:00
ubuntucve
ubuntucve
CVE-2017-2986
2017-02-15 00:00:00
zdt
zdt
Adobe Flash - YUVPlane Decoding Heap Overflow Exploit
2017-02-22 00:00:00
cve
cve
CVE-2017-2986
2017-02-15 06:59:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Heap Buffer Overflow (APSB17-04: CVE-2017-2986)
2017-02-14 00:00:00
prion
prion
Heap overflow
2017-02-15 06:59:00
nvd
nvd
CVE-2017-2986
2017-02-15 06:59:00
redhatcve
redhatcve
nessus
nessus
SUSE SLED12 Security Update : flash-player (SUSE-SU-2017:0523-1)
2017-02-21 00:00:00
RHEL 6 : flash-plugin (RHSA-2017:0275)
2017-02-16 00:00:00
Flash Player < 24.0.0.221 Multiple Vulnerabilities (APSB17-04)
2017-02-16 00:00:00
suse
suse
Security update for flash-player (important)
2017-02-20 18:09:26
mageia
mageia
Updated flash-player-plugin packages fix security vulnerability
2017-03-12 23:33:36
openvas
openvas
altlinux
altlinux
mscve
mscve
February 2017 Adobe Flash Security Update
2017-02-21 08:00:00
kaspersky
kaspersky
KLA10960 Code execution vulnerabilities in Adobe Flash Player
2017-02-14 00:00:00
redhat
redhat
(RHSA-2017:0275) Critical: flash-plugin security update
2017-02-15 10:29:10
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2017-02-20 00:00:00