exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2010-1297

Status Candidate

Overview

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

Related Files

Bleeding Life 2 Exploit Pack
Posted Oct 24, 2011
Site blackhatacademy.org

Black Hat Academy has decided to go open source with the Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java.

tags | exploit, java, web
systems | linux, windows
advisories | CVE-2008-2992, CVE-2010-1297, CVE-2010-2884, CVE-2010-0188, CVE-2010-0642, CVE-2010-3552
MD5 | df19be9e1d930def74baab341a3a5f08
Gentoo Linux Security Advisory 201101-09
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4546, CVE-2009-3793, CVE-2010-0186, CVE-2010-0187, CVE-2010-0209, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182
MD5 | 9f2ff7f25d3cc3ffeb917a714d00127a
Month Of Abysssec Undisclosed Bugs - Adobe Advisory
Posted Sep 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.

tags | advisory
advisories | CVE-2010-1297
MD5 | fdb5c4d67a6da028140181593899cb19
Month Of Abysssec Undisclosed Bugs - Adobe Reader / Flash Invalid Pointer
Posted Sep 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.

tags | exploit
advisories | CVE-2010-1297
MD5 | e44475e68ca437d68b131cf63c343d95
Adobe Flash Player newfunction Invalid Pointer Use
Posted Jun 15, 2010
Site metasploit.com

This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2010-1297
MD5 | 7e72f0d2d13e556c732c0a442e0b075e
Adobe Flash Player newfucntion Invalid Pointer Use
Posted Jun 15, 2010
Site metasploit.com

This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2010-1297
MD5 | 42e758030e92a737d73848749544de54
Technical Cyber Security Alert 2010-162A
Posted Jun 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-162A - According to Adobe Security Bulletin APSB10-14, there are vulnerabilities in Adobe Flash and AIR. These vulnerabilities affect Flash Player, AIR, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2010-1297
MD5 | c656bba2368d9370f36a294bbaafb55b
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close