exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2010-1297

Status Candidate

Overview

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

Related Files

Bleeding Life 2 Exploit Pack
Posted Oct 24, 2011
Site blackhatacademy.org

Black Hat Academy has decided to go open source with the Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java.

tags | exploit, java, web
systems | linux, windows
advisories | CVE-2008-2992, CVE-2010-1297, CVE-2010-2884, CVE-2010-0188, CVE-2010-0642, CVE-2010-3552
SHA-256 | 36303b4d6d25064a2ca162802f5dd9c42e121666c9a8518b0f3c3041b3c36994
Gentoo Linux Security Advisory 201101-09
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4546, CVE-2009-3793, CVE-2010-0186, CVE-2010-0187, CVE-2010-0209, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182
SHA-256 | c6cdc7639bd5039788276ccd46124edec6556cdbe06393e2fee124c513405ba0
Month Of Abysssec Undisclosed Bugs - Adobe Advisory
Posted Sep 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.

tags | advisory
advisories | CVE-2010-1297
SHA-256 | e7aaf1734389e0c5d88406c170e909b6f66c0ed081c93cf0c5473f4cf0889acd
Month Of Abysssec Undisclosed Bugs - Adobe Reader / Flash Invalid Pointer
Posted Sep 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.

tags | exploit
advisories | CVE-2010-1297
SHA-256 | 2c5508855b6a5b095407a8976a6b33acc009bc84c8d18e7cd0219d6ad166701d
Adobe Flash Player newfunction Invalid Pointer Use
Posted Jun 15, 2010
Site metasploit.com

This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2010-1297
SHA-256 | 71ccaf27795a2d55817a54366b9579a0f716c0eac2bba96dd2737900840223ae
Adobe Flash Player newfucntion Invalid Pointer Use
Posted Jun 15, 2010
Site metasploit.com

This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2010-1297
SHA-256 | e02f5ac92e82f00a79b8fe5ef61a301064717212d5c369c5e7ac2e797ab4e3bd
Technical Cyber Security Alert 2010-162A
Posted Jun 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-162A - According to Adobe Security Bulletin APSB10-14, there are vulnerabilities in Adobe Flash and AIR. These vulnerabilities affect Flash Player, AIR, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2010-1297
SHA-256 | 7963dd151f6e5c13b6f329718ac565138bca7c9bccb72ba904089d59a8657579
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    45 Files
  • 9
    Dec 9th
    9 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close