Adobe Flash - JXR Processing Out-of-Bounds Read

2016-05-17T00:00:00
ID 1337DAY-ID-26021
Type zdt
Reporter Google Security Research
Modified 2016-05-17T00:00:00

Description

Exploit for multiple platform in category dos / poc

                                        
                                            Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=791
 
There is an out-of-bounds read in JXR processing. This issue is probably not exploitable, but could be used an an information leak.
 
To reproduce the issue, load the attach file '8' using LoadImage.swf as follows:
 
LoadImage.swf?img=8
 
 
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39824.zip

#  0day.today [2018-03-19]  #