New Flash Player zero-day comes inside Office document

Update 2018-02-06: Adobe has released a patch for this vulnerability. More information is available here. We tested this zero-day with a proof-of concept that was made available. Rather than launching it from within Office, we turned it into a drive-by download attack. The animation below shows...

realplayer-swf-PoC.pl.txt

!/usr/bin/perl RealPlayer: Buffer overflow vulnerability / PoC CVE-2006-0323 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0323 RealNetworks Advisory http://service.real.com/realplayer/security/03162006player/en/ Federico L. Bossi Bonin fbossiatnetcomm.com.ar Program received signal...