66117c63f5
16 new exploits Adobe Flash - Metadata Parsing Out-of-Bounds Read Adobe Flash - MovieClip Attach init Object Use-After-Free Adobe Flash - ATF Thumbnailing Heap Overflow Adobe Flash - ATF Planar Decompression Heap Overflow Adobe Flash - AVC Header Slicing Heap Overflow Microsoft Windows - 'LoadUvsTable()' Heap-based Buffer Overflow USBPcap - Privilege Escalation USBPcap 1.1.0.0 (WireShark 2.2.5) - Privilege Escalation PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012) Cisco Firepower Management Console 6.0 - Post Authentication UserAdd Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (Metasploit) IBM WebSphere - RCE Java Deserialization (Metasploit) Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit) Joomla! Component Vik Appointments 1.5 - SQL Injection Joomla! Component Vik Rent Items 1.3 - SQL Injection Joomla! Component Vik Rent Car 1.11 - SQL Injection GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution Steam Profile Integration 2.0.11 - SQL injection Sitecore CMS 8.1 Update-3 - Cross-Site Scripting
7 lines
389 B
Text
Executable file
7 lines
389 B
Text
Executable file
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1016
|
|
|
|
The attached file causes heap corruption when decompressing a planar block. To reproduce the issue, but both attached files on a server and visit: http://127.0.0.1/LoadImage.swf?img=planar1.atf
|
|
|
|
|
|
Proof of Concept:
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41611.zip
|