Adobe Flash - AVC Processing Out-of-Bounds Read

EDB-ID:

45268




Platform:

Linux

Date:

2018-08-27


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

The attached fuzz file causes an out-of-bounds read in AVC processing. To reproduce the issue, put both attached files on a server, and vist:

http://127.0.0.1/LoadMP4.swf?file=transpose.mp4

This issue reproduces on Chrome and Firefox for Linux. 


Proof of Concept:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/45268.zip