CVE-2017-3061

CRITICAL

Adobe Flash Player <= 25.0.0.127 - Memory Corruption in SWF Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-3061. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages a heap corruption vulnerability in Adobe Flash Player when processing margins of a rich text field in a malformed SWF file. The provided SWF file triggers the crash, demonstrating the vulnerability.

Description

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/42018

View Code ZIP pw:eip

This exploit leverages a heap corruption vulnerability in Adobe Flash Player when processing margins of a rich text field in a malformed SWF file. The provided SWF file triggers the crash, demonstrating the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Adobe Flash Player (versions affected by CVE-2017-3061)

No auth needed

Prerequisites: Victim must open the malicious SWF file in a vulnerable version of Adobe Flash Player

MITRE ATT&CK