header-logo
Suggest Exploit
vendor:
Flash Player
by:
Google Security Research
9.8
CVSS
CRITICAL
Out-of-Bounds Read
125
CWE
Product Name: Flash Player
Affected Version From: Prior to 32.0.0.371
Affected Version To: Prior to 32.0.0.371
Patch Exists: YES
Related CWE: CVE-2019-8069
CPE: o:adobe:flash_player
Metasploit: https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2019-8069/https://www.rapid7.com/db/vulnerabilities/redhat_linux-cve-2019-8069/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2019-8069/https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2019-8069/https://www.rapid7.com/db/vulnerabilities/msft-cve-2019-8069/https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2019-8070/https://www.rapid7.com/db/vulnerabilities/flash_player-cve-2019-8069/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux x64
2019

Out-of-Bounds Read

A vulnerability in Adobe Flash Player allows an attacker to read data from memory locations outside of the intended bounds of a buffer, due to improper bounds checking. This can lead to information disclosure, and potentially code execution. This vulnerability affects Adobe Flash Player versions prior to 32.0.0.371.

Mitigation:

Upgrade to Adobe Flash Player version 32.0.0.371 or later.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=399&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id

The attached sample, signal_sigsegv_7ffff60a1429_9554_f4dc661554237404dfe394d4c6c3e674.swf, crashes in this manner on Linux x64:

=> 0x00007f693158481f:	movzbl (%rcx),%r11d
rcx            0x3102ffffecfd	53888954658045

The base sample from which this fuzz case was generated is also attached. We believe this may be related to button handling.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37869.zip

Navigation

Suggest Exploit

Services By CQR