CVE-2016-1102

HIGH

Adobe Flash Player <=21.0.0.213 JXR Processing - Out-of-Bounds Read

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-1102. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit describes an out-of-bounds read vulnerability in JXR processing, which could lead to an information leak. It references a Proof of Concept (PoC) file and provides reproduction steps using LoadImage.swf.

Description

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/39824

View Code ZIP pw:eip

The exploit describes an out-of-bounds read vulnerability in JXR processing, which could lead to an information leak. It references a Proof of Concept (PoC) file and provides reproduction steps using LoadImage.swf.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: JXR processing (specific software not explicitly named)

No auth needed

Prerequisites: Access to LoadImage.swf and the PoC file '8'

MITRE ATT&CK