exploit-db-mirror/exploits/multiple/dos/41609.txt

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1006

The attached file causes a use-after-free in attaching a MovieClip and applying the init object.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41609.zip