Adobe Flash 24.0.0.186 Code Execution

This documented vulnerability allows a remote attacker to execute malicious code or access to a part of the dynamically allocated memory using a user interaction visiting a Web page or open a specially crafted SWF file, an attacker is able to create an "out of bound" memory corruption. A file with an "ActionRecord" structure that contains an invalid value in "ActionGetURL2" could lead to remote code execution in the context of the current user. Proof of concept code included.


MD5 | 29eff5852d8270398abf4007b49b527b


Related Posts

Comments