Adobe Flash: Heap Overflow in YUVPlane decoding (CVE-2017-2986)

2017-02-23T00:00:00
ID SSV:92708
Type seebug
Reporter Root
Modified 2017-02-23T00:00:00

Description

The attached FLV file causes a heap overflow in YUVPlane decoding.

To reproduce, put LoadMP4. swf and yuvplane. flv on a server, and visit 127.0.0.1/LoadMP4. swf? file=yvplane. flv.

Attachment: yuvplane. flv

LoadMP4. swf