Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbGoogle Security ResearchEDB-ID:42249
HistoryJun 23, 2017 - 12:00 a.m.

Adobe Flash - ATF Parser Heap Corruption

2017-06-2300:00:00
Google Security Research
www.exploit-db.com
25

AI Score

7.4

Confidence

Low

JSON
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1216

The attached file causes heap corruption in the ATF parser. To reproduce the issue, copy atffree.atf and LoadImage.swf to a server, and visit http://127.0.0.1/LoadImage.swf?img=atffree.png.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42249.zip

Related

cvelist 1
ubuntucve 1
checkpoint_advisories 1
zdt 1
prion 1
nvd 1
cve 1
openvas 6
redhatcve 9
nessus 7
mscve 1
archlinux 2
kaspersky 1
redhat 1
mageia 1
freebsd 1
trendmicroblog 1
gentoo 1
cvelist
cvelist
CVE-2017-3078
2017-06-20 17:00:00
ubuntucve
ubuntucve
CVE-2017-3078
2017-06-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Memory Corruption (APSB17-17: CVE-2017-3078)
2017-06-13 00:00:00
zdt
zdt
Adobe Flash - ATF Parser Heap Corruption Exploit
2017-06-28 00:00:00
prion
prion
Memory corruption
2017-06-20 17:29:00
nvd
nvd
CVE-2017-3078
2017-06-20 17:29:00
cve
cve
CVE-2017-3078
2017-06-20 17:29:00
openvas
openvas
Adobe Flash Player Security Update (APSB17-17) - Linux
2017-06-14 00:00:00
Microsoft IE And Microsoft Edge Multiple Flash Player Vulnerabilities (4022730)
2017-06-14 00:00:00
Mageia: Security Advisory (MGASA-2017-0172)
2022-01-28 00:00:00
redhatcve
redhatcve
CVE-2017-3077
2017-06-13 16:48:39
CVE-2017-3081
2017-06-13 16:49:03
CVE-2017-3082
2017-06-13 16:49:14
nessus
nessus
Flash Player < 26.0.0.126 Multiple RCE (APSB17-17)
2017-06-21 00:00:00
Adobe Flash Player <= 25.0.0.171 Multiple Vulnerabilities (APSB17-17)
2017-06-13 00:00:00
FreeBSD : Flash Player -- multiple vulnerabilities (cd944b3f-51f6-11e7-b7b2-001c25e46b1d)
2017-06-16 00:00:00
mscve
mscve
June 2017 Adobe Flash Security Update
2017-06-13 07:00:00
archlinux
archlinux
[ASA-201706-15] lib32-flashplugin: arbitrary code execution
2017-06-14 00:00:00
[ASA-201706-14] flashplugin: arbitrary code execution
2017-06-14 00:00:00
kaspersky
kaspersky
KLA11041 Arbitrary code execution vulnerabilities in Adobe Flash Player
2017-06-13 00:00:00
redhat
redhat
(RHSA-2017:1439) Critical: flash-plugin security update
2017-06-13 20:20:51
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2017-06-14 16:50:35
freebsd
freebsd
Flash Player -- multiple vulnerabilities
2017-06-13 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 19, 2017
2017-06-23 14:44:46
gentoo
gentoo
Adobe Flash Player: Multiple Vulnerabilities
2017-07-21 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:42249
cvelist1ubuntucve1checkpoint_advisories1zdt1prion1nvd1cve1openvas6redhatcve9nessus7mscve1archlinux2kaspersky1redhat1mageia1freebsd1trendmicroblog1gentoo1