Lucene search

K
zdtGoogle Security Research1337DAY-ID-26076
HistoryJul 11, 2016 - 12:00 a.m.

Adobe Flash - LMZA Property Decoding Heap Corruption

2016-07-1100:00:00
Google Security Research
0day.today
16

0.961 High

EPSS

Percentile

99.3%

Exploit for multiple platform in category dos / poc

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=790
 
Loading the attached image causes heap corruption due to LMZA property decoding. To reproduce the issue, load the attach file '6' using LoadImage.swf as follows:
 
LoadImage.swf?img=6
 
The issue sometimes takes multiple refreshes to crash
 
 
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40089.zip

#  0day.today [2018-01-08]  #