Showing 1 - 5 of 5

Files from hdarwin

Adobe Flash Player domainMemory ByteArray Use After Free: Posted May 7, 2015; Authored by juan vazquez, temp66, hdarwin, bilou | Site metasploit.com; This Metasploit module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, when forcing a reallocation by copying more contents than the original capacity, but Flash forgets to update the domainMemory pointer, leading to a use-after-free situation when the main worker references the domainMemory again. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 17.0.0.134.; tags | exploit; systems | windows; advisories | CVE-2015-0359; SHA-256 | 35afddd5d3435bc9a7d573d702fbd4a8ffa05be42f3a36a7f8f99095dcaea8ed; Download | Favorite | View

Adobe Flash Player copyPixelsToByteArray Integer Overflow: Posted Apr 19, 2015; Authored by Chris Evans, Nicolas Joly, juan vazquez, hdarwin | Site metasploit.com; This Metasploit module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the copyPixelsToByteArray method from the BitmapData object. The position field of the destination ByteArray can be used to cause an integer overflow and write contents out of the ByteArray buffer. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145 and 14.0.0.125.; tags | exploit, overflow; systems | windows; advisories | CVE-2014-0556; SHA-256 | 0261f65421dd66c2140dc4d01ec869ffa16a08028c90426650ee76ecbe40cc47; Download | Favorite | View

Adobe Flash Player ByteArray With Workers Use After Free: Posted Mar 30, 2015; Authored by juan vazquez, temp66, hdarwin | Site metasploit.com; This Metasploit module exploits an use after free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, who can fill the memory and notify the main thread to corrupt the new contents. This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.296.; tags | exploit; systems | windows; advisories | CVE-2015-0313; SHA-256 | bb349a822c1cc70d4d8f5f21a7eac4a134384b42aa63d3ce02ebae6b666c8b6a; Download | Favorite | View

Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free: Posted Mar 12, 2015; Authored by juan vazquez, temp66, hdarwin | Site metasploit.com; This Metasploit module exploits an use after free vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, when trying to uncompress() a malformed byte stream. This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235.; tags | exploit; systems | windows; advisories | CVE-2015-0311; SHA-256 | dd4ec805115cf98a76e437af4ed45f3e30645c3c9fefa40fee4a00da81424a9e; Download | Favorite | View

Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow: Posted Sep 30, 2014; Authored by hdarwin; Adobe Flash version 14.0.0.145 copyPixelsToByteArray() heap overflow proof of concept exploit.; tags | exploit, overflow, proof of concept; advisories | CVE-2014-0556; SHA-256 | 166a57b3405bb750c323b5344a65f63fcd9ab165a71edf5188ec594b3a88fa98; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days