Name | adobe_flash_id3 |
CVE | CVE-2015-5560 |
Exploit Pack | CANVAS |
Description | adobe_flash_id3 |
Notes | CVE Name: CVE-2015-5560 VENDOR: Adobe Notes: This module exploits a mishandling of large integers during the decoding of an ID3 tag. This situation leads to an integer overflow that eventually could produce a heap overflow. In this case, an array's length will be corrupted to obtain an arbitrary memory read/write primitive. Tested on: - Windows 7 Ultimate SP1 x32 with IE11 32 bits (Adobe Flash Player 18.0.0.209 32-bit) - Windows 7 Professional SP1 x64 with IE11 32 bits (Adobe Flash Player 18.0.0.209 32-bit) VersionsAffected: Adobe Flash Player <= 18.0.0.209 on Windows References: ['https://bugs.chromium.org/p/project-zero/issues/detail?id=443'] CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5560 |
Learn more about the CANVAS Exploit Pack here: CANVAS |