1008 - Adobe Flash: Heap Overflow in YUVPlane decoding - project-zero

Starred by 1 user

Status:	Fixed
Owner:	natashenka@google.com
Closed:	Feb 2017
Cc:	project-...@google.com
Finder-natashenka Deadline-90 CCProjectZeroMembers Product-Flash Severity-High Vendor-Adobe Finder-mjurczyk Reported-2016-Nov-23 CVE-2017-2986

Adobe Flash: Heap Overflow in YUVPlane decoding

Project Member Reported by natashenka@google.com, Nov 24 2016

Back to list

The attached FLV file causes a heap overflow in YUVPlane decoding.

To reproduce, put LoadMP4.swf and yuvplane.flv on a server, and visit 127.0.0.1/LoadMP4.swf?file=yvplane.flv. 

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without a broadly available patch, then the bug report will automatically
become visible to the public.

yuvplane.flv
221 KB Download

LoadMP4.swf
1.0 KB Download

Project Member Comment 1 by natashenka@google.com, Feb 16 2017

Labels: -Restrict-View-Commit CVE-2017-2986

Fixed in Feb update

Project Member Comment 2 by natashenka@google.com, Feb 16 2017

Status: Fixed

► Sign in to add a comment