exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2010-1297

Status Candidate

Overview

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

Related Files

Bleeding Life 2 Exploit Pack
Posted Oct 24, 2011
Site blackhatacademy.org

Black Hat Academy has decided to go open source with the Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java.

tags | exploit, java, web
systems | linux, windows
advisories | CVE-2008-2992, CVE-2010-1297, CVE-2010-2884, CVE-2010-0188, CVE-2010-0642, CVE-2010-3552
SHA-256 | 36303b4d6d25064a2ca162802f5dd9c42e121666c9a8518b0f3c3041b3c36994
Gentoo Linux Security Advisory 201101-09
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4546, CVE-2009-3793, CVE-2010-0186, CVE-2010-0187, CVE-2010-0209, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182
SHA-256 | c6cdc7639bd5039788276ccd46124edec6556cdbe06393e2fee124c513405ba0
Month Of Abysssec Undisclosed Bugs - Adobe Advisory
Posted Sep 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.

tags | advisory
advisories | CVE-2010-1297
SHA-256 | e7aaf1734389e0c5d88406c170e909b6f66c0ed081c93cf0c5473f4cf0889acd
Month Of Abysssec Undisclosed Bugs - Adobe Reader / Flash Invalid Pointer
Posted Sep 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Adobe Acrobat Reader and Flash Player suffer from a "newclass" invalid pointer vulnerability.

tags | exploit
advisories | CVE-2010-1297
SHA-256 | 2c5508855b6a5b095407a8976a6b33acc009bc84c8d18e7cd0219d6ad166701d
Adobe Flash Player newfunction Invalid Pointer Use
Posted Jun 15, 2010
Site metasploit.com

This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2010-1297
SHA-256 | 71ccaf27795a2d55817a54366b9579a0f716c0eac2bba96dd2737900840223ae
Adobe Flash Player newfucntion Invalid Pointer Use
Posted Jun 15, 2010
Site metasploit.com

This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2010-1297
SHA-256 | e02f5ac92e82f00a79b8fe5ef61a301064717212d5c369c5e7ac2e797ab4e3bd
Technical Cyber Security Alert 2010-162A
Posted Jun 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-162A - According to Adobe Security Bulletin APSB10-14, there are vulnerabilities in Adobe Flash and AIR. These vulnerabilities affect Flash Player, AIR, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2010-1297
SHA-256 | 7963dd151f6e5c13b6f329718ac565138bca7c9bccb72ba904089d59a8657579
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close