Showing 1 - 11 of 11

Files from bilou

First Active	2015-04-10
Last Active	2015-08-21

Security Flash Heap Use-After-Free In SurfaceFilterList::CreateFromScriptAtom: Posted Aug 21, 2015; Authored by Google Security Research, bilou; Flash suffers from a use-after-free vulnerability in SurfaceFilterList::CreateFromScriptAtom.; tags | exploit; systems | linux; advisories | CVE-2015-5563; SHA-256 | f25272c8a1f372c28e643e729835debc9a97b7068e8da8e97a5a220acf1e5a89; Download | Favorite | View

Flash AS2 Use After Free In TextField.filters: Posted Aug 21, 2015; Authored by Google Security Research, bilou; There is a use after free vulnerability in the ActionScript 2 TextField.filters array property.; tags | exploit; systems | linux; advisories | CVE-2015-5561; SHA-256 | 45e43f90ddcb052986798b06cfd1f46ebd1983e9b8561f2e5e9f429141da9e39; Download | Favorite | View

Flash DefineBitsLossless / DefineBitsLossless2 Uninitialized Memory: Posted Aug 21, 2015; Authored by Google Security Research, bilou; Issues in DefineBitsLossless and DefineBitsLossless2 leads to using uninitialized memory while rendering a picture. This is caused by the returned value of a zlib function not properly checked.; tags | exploit; systems | linux; advisories | CVE-2015-3093; SHA-256 | 396c2a8d45a861b578261ac35463e414a0c7141b924077f21e2a31daf61bcf90; Download | Favorite | View

Security Use After Free In Flash AVSS.setSubscribedTags Memory Corruption: Posted Aug 21, 2015; Authored by Google Security Research, bilou; Use After Free in Flash AVSS.setSubscribedTags, setCuePointTags and setSubscribedTagsForBackgroundManifest can be abused to write pointers to String to freed locations.; tags | exploit; systems | linux; advisories | CVE-2015-3088; SHA-256 | 4fd920218793a46ab9cce3ab98f7a35862ab1c6417a8854638fed40036695f51; Download | Favorite | View

Security Flash Player Integer Overflow In Function.apply: Posted Aug 21, 2015; Authored by Google Security Research, bilou; An integer overflow while calling Function.apply can lead to enter an ActionScript function without correctly validating the supplied arguments. Chrome version 41.0.2272.101 stable with Flash version 17.0.0.134 is affected.; tags | exploit, overflow; systems | linux; advisories | CVE-2015-3087; SHA-256 | 851dccc1f099ae9b266f4f0571a50d127e908035fc85ecbce224da0685db6067; Download | Favorite | View

Flash UAF With MovieClip.scrollRect In AS2: Posted Aug 20, 2015; Authored by Google Security Research, bilou; When setting the scrollRect attribute of a MovieClip in AS2 with a custom Rectangle it is possible to free the MovieClip while a reference remains in the stack.; tags | exploit; systems | linux; advisories | CVE-2015-5130; SHA-256 | 784ff7b73b5ba4aba1ac24bbe51f62d68e8c1405d60181192fb3613898562723; Download | Favorite | View

Flash AS2 Use After Free In DisplacementMapFilter.mapBitmap: Posted Aug 20, 2015; Authored by Google Security Research, bilou; There is a use after free in Flash caused by an improper handling of BitmapData objects in the DisplacementMapFilter.mapBitmap property.; tags | exploit; systems | linux; advisories | CVE-2015-3080; SHA-256 | 2e1c6f0cbff4d283e27bc67ff2c3d6a2f97825e1fb4b4c03692fb92493f675d7; Download | Favorite | View

Adobe Flash Heap Use-After-Free In SurfaceFilterList::CreateFromScriptAtom: Posted Aug 19, 2015; Authored by bilou; Adobe Flash suffers from a heap use-after-free vulnerability in SurfaceFilterList::CreateFromScriptAtom.; tags | exploit; advisories | CVE-2015-5563; SHA-256 | a0281df3d7aa9384aee12714924135d0f2ba0281c842d544e991427f2733bd96; Download | Favorite | View

Adobe Flash AS2 Use-After-Free In TextField.filters: Posted Aug 19, 2015; Authored by bilou; There is a use after free vulnerability in the ActionScript 2 TextField.filters array property.; tags | exploit; advisories | CVE-2015-5561; SHA-256 | ba078b1fb9699fb28314ffceb29d7447e2439e39e19e7e403d97f297eec2762f; Download | Favorite | View

Adobe Flash Player domainMemory ByteArray Use After Free: Posted May 7, 2015; Authored by juan vazquez, temp66, hdarwin, bilou | Site metasploit.com; This Metasploit module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, when forcing a reallocation by copying more contents than the original capacity, but Flash forgets to update the domainMemory pointer, leading to a use-after-free situation when the main worker references the domainMemory again. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 17.0.0.134.; tags | exploit; systems | windows; advisories | CVE-2015-0359; SHA-256 | 35afddd5d3435bc9a7d573d702fbd4a8ffa05be42f3a36a7f8f99095dcaea8ed; Download | Favorite | View

Adobe Flash Player casi32 Integer Overflow: Posted Apr 10, 2015; Authored by juan vazquez, bilou | Site metasploit.com; This Metasploit module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the casi32 method, where an integer overflow occurs if a ByteArray of length 0 is setup as domainMemory for the current application domain. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 15.0.0.167.; tags | exploit, overflow; systems | windows; advisories | CVE-2014-0569; SHA-256 | ae591f02688cd067f82a826d2565cca8148319265c1fabddf71ee88ff7b5d99b; Download | Favorite | View