CVE-2015-3081

Related Files

Flash Broker-Based Sandbox Escape Via Timing Attack Against File Moving

Posted Aug 21, 2015

Authored by keen, Google Security Research

Flash suffers from a broker-based sandbox escape.

tags | exploit

systems | linux

advisories | CVE-2015-3081

SHA-256 | 989036efd58bbccc9c007b2a7121bd6ba170455cc7d74bc71d5f4bbe336962f7

Download | Favorite | View

Flash Broker-Based Sandbox Escape Via Timing Attack Against File Moving

Posted Aug 19, 2015

Authored by Jihui Lu

FlashBroker is vulnerable to NTFS junction attack to write an arbitrary file to the filesystem under user permissions. There is a race condition in FlashBroker BrokerMoveFileEx method. This race can be won by using an oplock to wait for the point where the BrokerMoveFileEx method opens the original file and then making destination to be a junction.

tags | exploit, arbitrary

systems | linux

advisories | CVE-2015-3081

SHA-256 | 4a8cd33a5f101e483a330b62c04d5e4cf5d733d46fdcb20efda5eb7f32e33f84

Download | Favorite | View

Gentoo Linux Security Advisory 201505-02

Posted Jun 1, 2015

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201505-2 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.460 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084, CVE-2015-3085, CVE-2015-3086, CVE-2015-3087, CVE-2015-3088, CVE-2015-3089, CVE-2015-3090, CVE-2015-3091, CVE-2015-3092, CVE-2015-3093

SHA-256 | f663dc1cfad1b619dc5d05e5d0d9e4af9c891c5a188d77bfad0c62379107bdfb

Download | Favorite | View