CVE-2017-3064

HIGH

Adobe Flash Player <= 25.0.0.127 - Memory Corruption via Shape Outline Parsing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-3064. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit is a Proof of Concept (PoC) for CVE-2017-3064, which involves an out-of-bounds read vulnerability in Adobe Flash Player when processing the width of a TextField. The PoC is provided as a SWF file that triggers the vulnerability.

Description

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/42019

View Code ZIP pw:eip

This exploit is a Proof of Concept (PoC) for CVE-2017-3064, which involves an out-of-bounds read vulnerability in Adobe Flash Player when processing the width of a TextField. The PoC is provided as a SWF file that triggers the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Adobe Flash Player (versions affected by CVE-2017-3064)

No auth needed

Prerequisites: Victim must open the malicious SWF file in a vulnerable version of Adobe Flash Player

MITRE ATT&CK