Lucene search
Google Security Research1337DAY-ID-26078HistoryJul 11, 2016 - 12:00 a.m.
Adobe Flash - ATF Processing Overflow
2016-07-1100:00:00
Google Security Research
0day.today
28
0.959 High
EPSS
Percentile
99.3%
Exploit for multiple platform in category dos / poc
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=786
The attached ATF file causes a heap overflow in ATF processing. To reproduce this issue, put LoadImage.swf and test.png on a remote server, and visit http://127.0.0.1/LoadImage.swf?img=test.png.
To differentiate this from other ATF issues, this is an overflow in decompressing alphas when an image has a height of 1 pixel.
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40087.zip
# 0day.today [2018-03-20] #Related
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Heap Overflow (APSB16-18: CVE-2016-4135)
2016-06-13 00:00:00
prion
prion
Code injection
2016-06-16 14:59:00
redhatcve
redhatcve
CVE-2016-4135
2016-06-16 16:20:18
cve
cve
CVE-2016-4135
2016-06-16 14:59:00
nessus
nessus
RHEL 5 / 6 : flash-plugin (RHSA-2016:1238)
2016-06-20 00:00:00
SUSE SLED12 Security Update : flash-player (SUSE-SU-2016:1613-1)
2016-08-29 00:00:00
archlinux
archlinux
lib32-flashplugin: multiple issues
2016-06-20 00:00:00
flashplugin: multiple issues
2016-06-19 00:00:00
suse
suse
Security update for flash-player (critical)
2016-06-17 18:08:02
Security update for flash-player (critical)
2016-06-17 22:08:03
Security update for flash-player (critical)
2016-06-19 02:07:41
altlinux
altlinux
openvas
openvas
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2016-06-17 08:58:14
kaspersky
kaspersky
KLA10830 Multiple vulnerabilities in Adobe Flash Player
2016-06-16 00:00:00
freebsd
freebsd
flash -- multiple vulnerabilities
2016-06-16 00:00:00
redhat
redhat
(RHSA-2016:1238) Critical: flash-plugin security update
2016-06-17 00:00:00
mscve
mscve
June 2016 Adobe Flash Security Update
2016-06-14 07:00:00