Adobe Flash Player shared ByteArray Use-After-Free Exploit

This module exploits a Use-After-Free vulnerability in Adobe Flash Player. The method ByteArray::clear does not notify the suscriber when frees the memory assigned to a ByteArray object leaving a dangling pointer that can be later dereferenced. This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file. This vulnerability was found exploited in the wild in February 2015.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2015-0313
Product Version: 
2014_R2
Released Date: 
Thursday, March 26, 2015 - 00:00