CVE-2017-2931

HIGH

Adobe Flash Player < 24.0.0.186 - Memory Corruption via SWF Metadata Parsing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-2931. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit triggers an out-of-bounds read vulnerability in the metadata parsing of a specific file format. The PoC is provided as a binary file (41608.zip) that demonstrates the issue when processed by the target software.

Description

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/41608

View Code ZIP pw:eip

This exploit triggers an out-of-bounds read vulnerability in the metadata parsing of a specific file format. The PoC is provided as a binary file (41608.zip) that demonstrates the issue when processed by the target software.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Unknown (likely a media or file parsing library, possibly related to Chromium or a related project)

No auth needed

Prerequisites: Ability to deliver the malicious file to the target system · Target software must parse the file's metadata

MITRE ATT&CK