5 matches found
Adobe IExternalizable Interface Use After Free Code Execution (CVE-2016-7855)
A Use After Free vulnerability exists in Adobe IExternalizable Interface. The vulnerability is due to a reuse of a freed Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted SWF file...
Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization
Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization Source: https://code.google.com/p/google-security-research/issues/detail?id=548 If IExternalizable.readExternal is overridden with a value that is not a function, Flash assumes it is a function even...
Adobe Flash - IExternalizable.writeExternal Type Confusion
Adobe Flash - IExternalizable.writeExternal Type Confusion Source: https://code.google.com/p/google-security-research/issues/detail?id=547 If IExternalizable.writeExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to...
Adobe Flash - 'IExternalizable.writeExternal' Type Confusion
Source: https://code.google.com/p/google-security-research/issues/detail?id=547 If IExternalizable.writeExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a 'method' outside of the ActionScript object's...
Adobe Flash Player IExternalizable Remote Code Execution (APSA15-05: CVE-2015-7645; CVE-2015-7647; CVE-2015-7648)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a victim to open specially crafted SWF files...