CVE-2015-3088
Adobe Flash Player <13.0.0.289-17.0.0.188 - Buffer Overflow
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-3088. PoCs published by Google Security Research.
AI-analyzed exploit summary This exploit demonstrates a use-after-free (UAF) vulnerability in Adobe Flash Player's AVSS.setSubscribedTags function, allowing arbitrary code execution by manipulating heap memory through custom toString methods.
Description
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
Exploits (1)
This exploit demonstrates a use-after-free (UAF) vulnerability in Adobe Flash Player's AVSS.setSubscribedTags function, allowing arbitrary code execution by manipulating heap memory through custom toString methods.