Source: https://code.google.com/p/google-security-research/issues/detail?id=629
 
The attached file causes a use-after-free when calling the stage setter. The PoC works most consistently in Firefox for 64-bit Windows.
 
 
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39221.zip

#  0day.today [2018-03-12]  #

checkpoint_advisories 1

prion 13

ubuntucve 13

cve 13

kaspersky 1

openvas 11

nessus 13

suse 4

freebsd 1

altlinux 2

mageia 1

archlinux 1

redhat 1

checkpoint_advisories

Adobe Flash Player Use After Free Code Execution (APSB16-01: CVE-2015-8634)

2015-12-28 00:00:00

prion

Design/Logic Flaw

2015-12-28 23:59:00

Design/Logic Flaw

2015-12-28 23:59:00

Design/Logic Flaw

2015-12-28 23:59:00

ubuntucve

CVE-2015-8650

2015-12-28 00:00:00

CVE-2015-8643

2015-12-28 00:00:00

CVE-2015-8641

2015-12-28 00:00:00

cve

CVE-2015-8646

2015-12-28 23:59:00

CVE-2015-8649

2015-12-28 23:59:00

CVE-2015-8639

2015-12-28 23:59:00

kaspersky

KLA10727 Code execution vulnerabilities in Adobe Flash Player and AIR

2015-12-28 00:00:00

openvas

Adobe Air Multiple Vulnerabilities -01 (Dec 2015) - Windows

2015-12-29 00:00:00

Mageia: Security Advisory (MGASA-2015-0493)

2015-12-29 00:00:00

Adobe Air Multiple Vulnerabilities -01 (Dec 2015) - Mac OS X

2015-12-29 00:00:00

nessus

SUSE SLED11 Security Update : flash-player (SUSE-SU-2015:2402-1)

2016-01-04 00:00:00

Flash Player < 20.0.0.267 Multiple Vulnerabilities (APSB16-01)

2016-01-08 00:00:00

Adobe AIR < 20.0.0.233 Multiple Vulnerabilities (APSB16-01)

2016-01-08 00:00:00

suse

Security update for flash-player (important)

2015-12-30 17:13:29

Security update for flash-player (important)

2015-12-30 15:10:27

Security update for flash-player (important)

2015-12-30 17:13:09

freebsd

flash -- multiple vulnerabilities

2015-12-28 00:00:00

altlinux

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt58

2015-12-29 00:00:00

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt58

2015-12-29 00:00:00

mageia

Updated flash-player-plugin packages fix security vulnerabilities

2015-12-28 22:23:26

archlinux

flashplugin, lib32-flashplugin: multiple issues

2015-12-28 00:00:00

redhat

(RHSA-2015:2697) Critical: flash-plugin security update

2015-12-29 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.118 Low

EPSS

Percentile

94.8%

JSON

Related for 1337DAY-ID-25759