1013 - Adobe Flash: Fuzzed SWF causes stack corruption - project-zero

Starred by 1 user

Status:	Fixed
Owner:	natashenka@google.com
Closed:	Feb 2017
Cc:	project-...@google.com
Finder-natashenka Deadline-90 CCProjectZeroMembers Product-Flash Severity-High Vendor-Adobe Finder-mjurczyk Reported-2016-Nov-28 CVE-2017-2988

Adobe Flash: Fuzzed SWF causes stack corruption

Project Member Reported by natashenka@google.com, Nov 29 2016

Back to list

The attached fuzzed swf causes stack corruption when it is loaded, likely due to the parsing of the SWF file.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without a broadly available patch, then the bug report will automatically
become visible to the public.

stackbad.swf
271 KB Download

Project Member Comment 1 by natashenka@google.com, Dec 1 2016

Labels: -Vendor-Flash Vendor-Adobe

Project Member Comment 2 by natashenka@google.com, Feb 16 2017

Labels: -Restrict-View-Commit CVE-2017-2988
Status: Fixed

Fixed in Feb update

► Sign in to add a comment