789 - Adobe Flash: Heap Overflow in ATF processing (Image Reading) - project-zero

Starred by 2 users

Status:	Fixed
Owner:	natashenka@google.com
Closed:	May 2016
Cc:	project-...@google.com
Finder-natashenka Deadline-90 CCProjectZeroMembers Product-Flash Severity-High Vendor-Adobe Finder-mjurczyk Reported-2016-Apr-1 Id-5085 CVE-2016-1101

Adobe Flash: Heap Overflow in ATF processing (Image Reading)

Project Member Reported by natashenka@google.com, Apr 1 2016

Back to list

There is a large heap overflow in reading an ATF image to a Bitmap object. To reproduce the issue, load the attach file '4' using LoadImage.swf as follows:

LoadImage.swf?img=4

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without a broadly available patch, then the bug report will automatically
become visible to the public.

4
2.6 KB View Download

LoadImage.swf
1.2 KB Download

Project Member Comment 1 by natashenka@google.com, Apr 5 2016

Labels: Id-5085

Project Member Comment 2 by natashenka@google.com, May 16 2016

Labels: -Restrict-View-Commit CVE-2016-1101
Status: Fixed

► Sign in to add a comment