module
Adobe Flash Player MP4 'cprt' Overflow
| Disclosed | Created |
|---|---|
| Feb 15, 2012 | May 30, 2018 |
Disclosed
Feb 15, 2012
Created
May 30, 2018
Description
This module exploits a vulnerability found in Adobe Flash
Player. By supplying a corrupt .mp4 file loaded by Flash, it
is possible to gain arbitrary remote code execution under the
context of the user.
This vulnerability has been exploited in the wild as part of
the "Iran's Oil and Nuclear Situation.doc" e-mail attack.
According to the advisory, 10.3.183.15 and 11.x before
11.1.102.62 are affected.
Player. By supplying a corrupt .mp4 file loaded by Flash, it
is possible to gain arbitrary remote code execution under the
context of the user.
This vulnerability has been exploited in the wild as part of
the "Iran's Oil and Nuclear Situation.doc" e-mail attack.
According to the advisory, 10.3.183.15 and 11.x before
11.1.102.62 are affected.
Authors
Alexander Gavrun
sinn3r sinn3r@metasploit.com
juan vazquez juan.vazquez@metasploit.com
sinn3r sinn3r@metasploit.com
juan vazquez juan.vazquez@metasploit.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.