CVE-2017-3077

CRITICAL

Adobe Flash Player <= 25.0.0.171 - Memory Corruption in PNG Image Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-3077. PoCs published by Google Security Research.

AI-analyzed exploit summary: This exploit leverages an out-of-bounds read vulnerability in Adobe Flash when decoding a malformed PNG file. The PoC includes a SWF file and a crafted PNG that triggers the issue when accessed via a specific URL.

Description

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Google Security Research · text · dos · multiple
https://www.exploit-db.com/exploits/42248

Classification
Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Adobe Flash Player (versions affected by CVE-2017-3077)
No auth needed
Prerequisites: Web server to host the SWF and PNG files · Victim must visit the crafted URL
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99025
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038655
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42248/
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1439
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201707-15

Scores

CVSS v3 9.8
EPSS 0.2226
EPSS Percentile 97.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-119
Status: published
Products (2)
adobe/flash_player < 25.0.0.171 (4 CPE variants)
n/a/Adobe Flash Player 25.0.0.171 and earlier.
Published Jun 20, 2017
Tracked Since Feb 18, 2026