6fa97a6001
6 new exploits RPCScan 2.03 - Hostname/IP Field Crash PoC CIScan 1.00 - Hostname/IP Field Crash PoC DotNetNuke 07.04.00 - Administration Authentication Bypass Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts Adobe Flash - MovieClip.duplicateMovieClip Use-After-Free ManageEngine Applications Manager Build 12700 - Multiple Vulnerabilities
8 lines
415 B
Text
Executable file
8 lines
415 B
Text
Executable file
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=759
|
|
|
|
There is a use-after-free in MovieClip.duplicateMovieClip.If an action associated with the MovieClip frees the clip provided as the initObject parameter to the call, it will be used after it is freed.A PoC is attached.
|
|
|
|
|
|
Proof of Concept:
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39779.zip
|
|
|