Adobe Flash - Use-After-Free When Setting Stage

2016-01-11T00:00:00
ID EXPLOITPACK:5A42B4503208D375D816408323A440D7
Type exploitpack
Reporter Google Security Research
Modified 2016-01-11T00:00:00

Description

Adobe Flash - Use-After-Free When Setting Stage

                                        
                                            Source: https://code.google.com/p/google-security-research/issues/detail?id=629

The attached file causes a use-after-free when calling the stage setter. The PoC works most consistently in Firefox for 64-bit Windows.


Proof of Concept:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39221.zip