New issue
Advanced search Search tips
Starred by 2 users
Status: Fixed
Owner:
Closed: Jun 8
Cc:



Sign in to add a comment
Adobe Flash: Heap Corruption in ATF Parser
Project Member Reported by natashenka@google.com, Mar 21 2017 Back to list
The attached file causes heap corruption in the ATF parser. To reproduce the issue, copy atffree.atf and LoadImage.swf to a server, and visit http://127.0.0.1/LoadImage.swf?img=atffree.png.

This bug is subject to a 90 day disclosure deadline. After 90 days elapse
or a patch has been made broadly available, the bug report will become
visible to the public.

 
atffree.atf
48 bytes Download
LoadImage.swf
1.2 KB Download
Project Member Comment 1 by natashenka@google.com, Mar 22 2017
This is PSIRT-6539.
Project Member Comment 2 by natashenka@google.com, Jun 8
Labels: CVE-2017-3078
Status: Fixed
Project Member Comment 3 by mjurczyk@google.com, Jun 21
Labels: -restrict-view-commit
Sign in to add a comment