3 matches found
From inter to intra: gaining reliability
Posted by Chris Evans, avoider of crossing heap lines. Part 2 of 4. In the first post in this series, we concluded with a traditional exploit for Adobe Flash bug 324, and noted that it could never be 100% reliable. We also challenged ourselves to do better! Is there some way we can leverage the...
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
I. Summary Adobe Flash Player is prone to a vulnerability which leads to Use-After-Free. After parsing a malformed mp4 file, Flash will keep on accessing a block of memory for timing. Such memory block is still accessed even the page containing Flash is closed, which leads to a memory crash...
Adobe Flash bug allow spying Webcam hole
Adobe Flash bug allow spying Webcam hole The flaw was disclosed in 2008 and can be exploited to turn on people's webcams or microphones without their knowledge. Attack involved putting the Adobe Flash Settings Manager page into an iFrame and masking it with a game, so that when the user clicked o...