7 lines
No EOL
294 B
Text
7 lines
No EOL
294 B
Text
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1174
|
|
|
|
The attached fuzzed swf causes a crash due to heap corruption when processing the margins of a rich text field.
|
|
|
|
|
|
Proof of Concept:
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42018.zip |