CVE-2015-8043

Related Files

Adobe Flash GradientFill Use-After-Free

Posted Dec 18, 2015

Authored by Google Security Research, natashenka

There are a number of use-after-free vulnerabilities in MovieClip.beginGradientFill. If the spreadMethod or any other string parameter is an object with toString defined, this method can free the MovieClip, which is then used. Note that many parameters to this function can be used to execute script and free the MovieClip during execution, it is recommended that this issues be fixed with a stale pointer check.

tags | exploit, vulnerability

systems | linux

advisories | CVE-2015-8043

SHA-256 | 57667d7fb95d4e7f97ac85d9bca8fb59ed26e9075e32e5856e6d205aaaf920f9

Download | Favorite | View

Red Hat Security Advisory 2015-2023-01

Posted Nov 12, 2015

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2023-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-28 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability

systems | linux, redhat

advisories | CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661, CVE-2015-7662, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046

SHA-256 | 8204c4136f539269868b5d6624f20d39da33294057e672ab1d22b6e8cd023552

Download | Favorite | View