Adobe Flash AS2 MovieClip setMask after the release of the heavy interest with a remote code execution vulnerability(CVE-2 0 1 5-7 6 6 0)-vulnerability warning-the black bar safety net

2015-12-07T00:00:00
ID MYHACK58:62201569787
Type myhack58
Reporter 佚名
Modified 2015-12-07T00:00:00

Description

CVE(CAN) ID: CVE-2 0 1 5-7 6 6 0

FlashPlayer is a high-performance, lightweight and extremely expressive client runtime player.

Adobe Flash setMask method in the presence of security vulnerabilities. By manipulating the transfer to the setMask method's parameter, the attacker can force the use of has been released the suspension of the pointer, the use of loopholes in the current process context arbitrary code execution.

<*source: Bilou

Links: https://helpx.adobe.com/security/products/flash-player/apsb15-28.html *>

Recommendations:

Manufacturers patch:

Adobe \ ----- Adobe has released a security Bulletin apsb15-2 8 as well as the corresponding patch: apsb15-2 8: Security updates available for Adobe Flash Player Links: https://helpx.adobe.com/security/products/flash-player/apsb15-28.html

Patch download: http://www.adobe.com/go/getflash