CVE-2015-7659

Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified...

Adobe Flash AS2 NetConnection Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NetConnection...

Adobe Flash - NetConnection.connect Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=352&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id If the fpadInfo property of a NetConnection object is a SharedObject, a use-after-free occurs when the property is deleted. A proof-of-concept is ...

Adobe Flash - Setting Value Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=360&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id In certain cases where a native AS2 class sets an internal atom to a value, it can lead to a use-after-free if the variable is a SharedObject. Whi...

Adobe Flash - Setting Use-After-Free

Adobe Flash - Setting Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=355&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id In certain cases where a native AS2 class sets an internal variable, it can lead to a use-after-free if the...

Adobe Flash - NetConnection.connect Use-After-Free

Adobe Flash - NetConnection.connect Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=352&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id If the fpadInfo property of a NetConnection object is a SharedObject, a use-after-free occurs...

Adobe Flash Player NetConnection Type Confusion

This module exploits a type confusion vulnerability in the NetConnection class on Adobe Flash Player. When using a correct memory layout this vulnerability allows to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like vectors, and ultimately accomplish remote code...

Adobe Flash Player - NetConnection Type Confusion (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player NetConnection Type Confusion', 'Description' = %q This module exploits a type confusion vulnerability in the...

Adobe Flash Player NetConnection Type Confusion

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player NetConnection Type Confusion', 'Description' = %q This module exploits a type confusion vulnerability in the...

A Tale of Two Exploits

Posted by Natalie Silvanovich, Collision Investigator and Object Field Examiner CVE-2015-0336 is a type confusion vulnerability in the AS2 NetConnection class. I reported this issue in January and soon wrote a proof-of-concept exploit for the bug. The issue was patched by Adobe in March and less...