This module exploits a use after free vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, when trying to uncompress() a malformed byte stream. This module has been tested successfully on: * Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 126.96.36.1997, 188.8.131.527 and 184.108.40.206. * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 220.127.116.117. * Windows 8.1, Firefox 38.0.5 and Adobe Flash 18.104.22.1685. * Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Flash 22.214.171.1244.
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.
– Jim O’Gorman | President, Offensive Security