1018 - Adobe Flash: Overflow in MP4 AMF Parsing - project-zero

Starred by 2 users

Status:	Fixed
Owner:	natashenka@google.com
Closed:	Feb 2017
Cc:	project-...@google.com
Finder-natashenka Deadline-90 CCProjectZeroMembers Product-Flash Severity-High Vendor-Adobe Finder-mjurczyk Reported-2016-Nov-29 CVE-2017-2992

Adobe Flash: Overflow in MP4 AMF Parsing

Project Member Reported by natashenka@google.com, Nov 30 2016

Back to list

There is an overflow in MP4 AMF parsing. To reproduce, put the attached files on a server and visit http://127.0.0.1/LoadMP4.swf?file=unsigned.mp4.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without a broadly available patch, then the bug report will automatically
become visible to the public.

	unsigned.mp4 7.3 MB View Download

LoadMP4.swf
963 bytes Download

Project Member Comment 1 by mjurczyk@google.com, Dec 8 2016

Labels: -Reported-2017-Nov-29 Reported-2016-Nov-29

Project Member Comment 2 by natashenka@google.com, Feb 16 2017

Labels: -Restrict-View-Commit CVE-2017-2992
Status: Fixed

Fixed in Feb update

► Sign in to add a comment