Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtGoogle Security Research1337DAY-ID-25995
HistoryMay 06, 2016 - 12:00 a.m.

Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (2)

2016-05-0600:00:00
Google Security Research
0day.today
17

0.73 High

EPSS

Percentile

97.8%

JSON

Exploit for windows platform in category dos / poc

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=719
 
There is a use-after-free that appears to be related to rendering the display based on multiple scripts. A PoC is attached, tested on Windows only. Note the PoC is somewhat unreliable on some browsers, sometimes it needs to render a minute or two in the foreground before crashing. This is related to unreliability in the freed object being reallocated as a value that causes the crash, not unreliability in the underlying bug (it crashes immediately in a debug build of Flash). With enough effort, an attacker could likely trigger the issue immediately.
 
 
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39778.zip

#  0day.today [2018-03-14]  #

Related

checkpoint_advisories 1
prion 5
cve 5
ubuntucve 5
mscve 1
kaspersky 1
redhat 1
nessus 8
openvas 9
altlinux 2
archlinux 1
mageia 1
suse 2
freebsd 1
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB16-10: CVE-2016-1013)
2016-04-07 00:00:00
prion
prion
Design/Logic Flaw
2016-04-09 01:59:00
Design/Logic Flaw
2016-04-09 01:59:00
Design/Logic Flaw
2016-04-09 01:59:00
cve
cve
CVE-2016-1013
2016-04-09 01:59:00
CVE-2016-1016
2016-04-09 01:59:00
CVE-2016-1011
2016-04-09 01:59:00
ubuntucve
ubuntucve
CVE-2016-1031
2016-04-09 00:00:00
CVE-2016-1017
2016-04-09 00:00:00
CVE-2016-1013
2016-04-09 00:00:00
mscve
mscve
April 2016 Adobe Flash Security Update
2016-04-12 07:00:00
kaspersky
kaspersky
KLA10780 Multiple vulnerabilities in Adobe Flash Player
2016-04-07 00:00:00
redhat
redhat
(RHSA-2016:0610) Critical: flash-plugin security update
2016-04-08 00:00:00
nessus
nessus
MS16-050: Security Update for Adobe Flash Player (3154132)
2016-04-12 00:00:00
Flash Player < 11.2.202.616 / 18.0.0.343 / 21.0.0.213 Multiple Vulnerabilities (APSB16-10)
2016-05-20 00:00:00
Adobe Flash Player <= 21.0.0.197 Multiple Vulnerabilities (APSB16-10)
2016-04-08 00:00:00
openvas
openvas
Adobe Flash Player Within Google Chrome Security Update (APSB16-10) - Mac OS X
2017-03-18 00:00:00
Adobe Flash Player Within Google Chrome Security Update (APSB16-10) - Linux
2017-03-18 00:00:00
Mageia: Security Advisory (MGASA-2016-0134)
2016-05-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt61
2016-04-08 00:00:00
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt61
2016-04-08 00:00:00
archlinux
archlinux
flashplugin: multiple issues
2016-04-10 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2016-04-08 09:17:28
suse
suse
Security update for flash-player (important)
2016-05-17 02:07:54
Security update for flash-player (important)
2016-05-16 18:08:08
freebsd
freebsd
flash -- multiple vulnerabilities
2016-04-07 00:00:00

0.73 High

EPSS

Percentile

97.8%

JSON
Related for 1337DAY-ID-25995
checkpoint_advisories1prion5cve5ubuntucve5mscve1kaspersky1redhat1nessus8openvas9altlinux2archlinux1mageia1suse2freebsd1