Issue metadata
Sign in to add a comment
|
Security: [FG-VD-16-086] Adobe Flash Player Handing MP4 Memory Corruption Vulnerability
Reported by
kevinlu0...@gmail.com,
Nov 28 2016
|
||||||||||||||||||||
Issue descriptionVULNERABILITY DETAILS It is a memory corruption vulnerability in MP4 processing. VERSION Adobe Flash Player 23.0.0.207 Other versions may be affected too REPRODUCTION CASE put LoadMP42.swf and FG-VD-16-086_PoC.mp4 on a server and load http://127.0.0.1:8080/LoadMP42.swf?file=FG-VD-16-086_PoC.mp4 run the following command line. flashplayer_23_sa_207.exe http://127.0.0.1:8080/LoadMP42.swf?file=FG-VD-16-086_PoC.mp4 Credits: This vulnerability was discovered by Kai Lu of Fortinet's FortiGuard Labs.
,
Nov 29 2016
,
Nov 29 2016
,
Nov 29 2016
,
Nov 30 2016
Repros for me consistently on Firefox, and inconsistently on Chrome and content projector only on Windows 7. I'll report this to Adobe.
,
Nov 30 2016
This is PSIRT-6066.
,
Dec 2 2016
,
Jan 26 2017
,
Feb 13 2017
This was fixed as CVE-2017-2990
,
Feb 13 2017
,
Feb 15 2017
,
Feb 16 2017
,
Feb 18 2017
,
Feb 18 2017
The panel decided to award $500 for this report - thanks!
,
Feb 18 2017
,
Feb 18 2017
,
Feb 19 2017
Your change meets the bar and is auto-approved for M57. Please go ahead and merge the CL to branch 2987 manually. Please contact milestone owner if you have questions. Owners: amineer@(clank), cmasso@(bling), ketakid@(cros), govind@(desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 20 2017
No merge needed.
,
Mar 31 2017
,
May 25 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by dominickn@chromium.org
, Nov 28 2016Labels: Security_Severity-High Security_Impact-Stable
Owner: natashenka@google.com
Status: Assigned (was: Unconfirmed)