Lucene search
Bee13oyH1:139879HistoryMay 19, 2016 - 9:56 p.m.
Internet Bug Bounty: Adobe Flash Player Regular Expression UAF Remote Code Execution Vulnerability
2016-05-1921:56:20
bee13oy
hackerone.com
18
0.013 Low
EPSS
Percentile
86.0%
I. Summary
There’s a UAF Vulnerability in the PCRE engine version used in Flash that could lead to Remote Code Execution.
II. Affected
Adobe Flash Player 11.5.502.135 ~ 20.0.0.286
III. Reference
Identified as CVE-2016-4121, and reported to Adobe directly.
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
Original report with an exploit demo which will pop up a calculator works well on fp_11.5.502.135 ~ fp_18.0.0.209 shows how to achieve Remote Code Execution.
IV. Credit
bee13oy of CloverSec Labs
Related
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB16-15: CVE-2016-4121)
2016-06-13 00:00:00
ubuntucve
ubuntucve
CVE-2016-4121
2016-06-16 00:00:00
nessus
nessus
GLSA-201606-08 : Adobe Flash Player: Multiple vulnerabilities
2016-06-20 00:00:00
Adobe AIR <= 21.0.0.198 Multiple Vulnerabilities (APSB16-15)
2016-05-16 00:00:00
RHEL 5 / 6 : flash-plugin (RHSA-2016:1079)
2016-05-16 00:00:00
prion
prion
Design/Logic Flaw
2016-06-16 14:59:00
cvelist
cvelist
CVE-2016-4121
2016-06-16 14:00:00
nvd
nvd
CVE-2016-4121
2016-06-16 14:59:01
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2016-06-18 00:00:00
cve
cve
CVE-2016-4121
2016-06-16 14:59:01
redhatcve
redhatcve
CVE-2016-4121
2016-05-20 07:48:17
freebsd
freebsd
flash -- multiple vulnerabilities
2016-05-12 00:00:00
openvas
openvas
Adobe Flash Player Security Update (apsa16-02) - Mac OS X
2016-05-12 00:00:00
Adobe Flash Player Security Update (apsa16-02) - Windows
2016-05-12 00:00:00
redhat
redhat
(RHSA-2016:1079) Critical: flash-plugin security update
2016-05-13 00:00:00
kaspersky
kaspersky
KLA10830 Multiple vulnerabilities in Adobe Flash Player
2016-06-16 00:00:00
mscve
mscve
June 2016 Adobe Flash Security Update
2016-06-14 07:00:00