Adobe Flash - ATF Thumbnailing Heap Overflow

2017-03-15T00:00:00
ID EDB-ID:41610
Type exploitdb
Reporter Exploit-DB
Modified 2017-03-15T00:00:00

Description

Adobe Flash - ATF Thumbnailing Heap Overflow. CVE-2017-2933. Dos exploit for Multiple platform. Tags: Denial of Service (DoS)

                                        
                                            Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1015

The attached file causes an overflow in heap thumbnailing. To reproduce, place both attached files on a server and visit http://127.0.0.1/LoadImage.swf?img=thumb2.atf


Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41610.zip