header-logo
Suggest Exploit
vendor:
Flash Player
by:
Project Zero
8,8
CVSS
HIGH
Out-of-Bounds Read
125
CWE
Product Name: Flash Player
Affected Version From: Prior to 32.0.0.255
Affected Version To: Prior to 32.0.0.255
Patch Exists: YES
Related CWE: CVE-2019-7845
CPE: a:adobe:flash_player
Metasploit: https://www.rapid7.com/db/vulnerabilities/redhat_linux-cve-2019-7845/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2019-7845/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2019-7845/https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2019-7845/https://www.rapid7.com/db/vulnerabilities/flash_player-cve-2019-7845/https://www.rapid7.com/db/vulnerabilities/msft-cve-2019-7845/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2019

Out-of-Bounds Read in Flash

An out-of-bounds read vulnerability exists in Adobe Flash when decoding a specially crafted PNG file. An attacker can exploit this vulnerability to read data from memory, resulting in information disclosure. This vulnerability affects Adobe Flash versions prior to 32.0.0.255.

Mitigation:

Adobe has released a patch to address this vulnerability. Users should update to the latest version of Adobe Flash.
Source

Exploit-DB raw data:

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215

The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:

http://127.0.0.1/LoadImage.swf=read1.png


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42248.zip

Navigation

Suggest Exploit

Services By CQR