Lucene search

K
hackeroneClem1H1:2170
HistoryFeb 21, 2014 - 8:37 p.m.

Internet Bug Bounty: Flash double free vulnerability leads to code execution

2014-02-2120:37:47
clem1
hackerone.com
48
internet bug bounty
flash
double free vulnerability
code execution
adobe
cve-2014-0502
security
watering hole
nonprofit research institutions
human right activists
reward
charity

EPSS

0.41

Percentile

97.3%

This bug was reported directly to Adobe and got assigned CVE-2014-0502.

http://helpx.adobe.com/security/products/flash-player/apsb14-07.html

This one was actively (and it still is) exploited since February 12th in watering hole campaigns against nonprofit research institutions and human right activists websites.

If I can get a reward for this vulnerability, I’d be happy to give it to charity!