This module exploits a buffer overflow vulnerability in Adobe Flash Player when parsing malformed FLV objects. Attackers exploiting the vulnerability can corrupt memory and gain remote code execution.
This module exploits a Use-After-Free vulnerability in Adobe Flash Player.
The specific flaw exists when the suscriber is not notified if a ByteArray assigned to the ApplicationDomain is freed from an ActionScript worker.
By forcing a reallocation by copying more contents than the original capacity to the shared buffer by using the ByteArray::writeBytes method call, the ApplicationDomain pointer is not updated leading to a use-after-free vulnerability.
This allows to overwrite different objects like vectors and finally accomplish remote code execution.
The specific flaw exists when the suscriber is not notified if a ByteArray assigned to the ApplicationDomain is freed from an ActionScript worker.
By forcing a reallocation by copying more contents than the original capacity to the shared buffer by using the ByteArray::writeBytes method call, the ApplicationDomain pointer is not updated leading to a use-after-free vulnerability.
This allows to overwrite different objects like vectors and finally accomplish remote code execution.
This module exploits a memory corruption vulnerability in Adobe Flash Player. The specific flaw exists when a Shader is applied as a drawing fill allowing an attacker to take control of a vulnerable machine and execute arbitrary code.
This vulnerability was found exploited in the wild on June 2015.
This vulnerability was found exploited in the wild on June 2015.
This module exploits a buffer overflow vulnerability in Adobe Flash Player when parsing malformed FLV objects. Attackers exploiting the vulnerability can corrupt memory and gain remote code execution.
This vulnerability has been found exploited in the wild in June 2015 in the Operation Clandestine Wolf campaign.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This vulnerability has been found exploited in the wild in June 2015 in the Operation Clandestine Wolf campaign.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This module exploits a buffer overflow vulnerability in Adobe Flash Player.
The specific flaw exists when the "width" attribute of a ShaderJob is modified after starting the job allowing to an attacker to control the size of a destination buffer and the lenght of the copy operation.
The specific flaw exists when the "width" attribute of a ShaderJob is modified after starting the job allowing to an attacker to control the size of a destination buffer and the lenght of the copy operation.
This module exploits a Type Confusion vulnerability in Adobe Flash Player. The specific flaw exist in the ActionScript 2 NetConnection class.
When a NetConnection method is called with a parameter that is a native function object, its native data can be specified as a Number by the caller, but be interpreted as a pointer.
This allows to overwrite different objects like vectors and finally accomplish remote code execution.
When a NetConnection method is called with a parameter that is a native function object, its native data can be specified as a Number by the caller, but be interpreted as a pointer.
This allows to overwrite different objects like vectors and finally accomplish remote code execution.
The MetaDraw ActiveX control's ObjLinks property can be assigned an attacker-supplied memory address and the control will redirect execution flow to this given memory address.
This update add some Av Evasion capabilities
This update add some Av Evasion capabilities
This module exploits a Use-After-Free vulnerability in Adobe Flash Player. The method ByteArray::clear does not notify the suscriber when frees the memory assigned to a ByteArray object leaving a dangling pointer that can be later dereferenced.
This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file.
This vulnerability was found exploited in the wild in February 2015.
This updates adds support for Windows 8 and 8.1.
This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file.
This vulnerability was found exploited in the wild in February 2015.
This updates adds support for Windows 8 and 8.1.
This module exploits a use after free in Internet Explorer by using a SetMouseCapture vulnerability in MSHTML.
This update fix an encryptAgent problem.
This update fix an encryptAgent problem.
This module exploits a compilation logic error in the PCRE engine in Adobe Flash Player. The handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary code execution of PCRE bytecode.