module
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
| Disclosed | Created |
|---|---|
| Apr 11, 2011 | May 30, 2018 |
Disclosed
Apr 11, 2011
Created
May 30, 2018
Description
This module exploits a vulnerability in Adobe Flash Player that was discovered,
and has been exploited actively in the wild. By embedding a specially crafted .swf
file, Adobe Flash crashes due to an invalid use of an object type, which allows
attackers to overwrite a pointer in memory, and results arbitrary code execution.
Please note for IE 8 targets, Java Runtime Environment must be available on the
victim machine in order to work properly.
and has been exploited actively in the wild. By embedding a specially crafted .swf
file, Adobe Flash crashes due to an invalid use of an object type, which allows
attackers to overwrite a pointer in memory, and results arbitrary code execution.
Please note for IE 8 targets, Java Runtime Environment must be available on the
victim machine in order to work properly.
Author
sinn3r [email protected]
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.