CVE-2018-4934

MEDIUM

Adobe Flash Player < 29.0.0.113 - Out-of-bounds Read

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4934. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages a vulnerability in image inflation to cause an information leak or crash. The PoC involves serving a malformed image file that, when rendered, exposes uninitialized memory or crashes the application.

Description

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/44528

View Code ZIP pw:eip

This exploit leverages a vulnerability in image inflation to cause an information leak or crash. The PoC involves serving a malformed image file that, when rendered, exposes uninitialized memory or crashes the application.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Adobe Acrobat and Reader (versions prior to 2018-04-09)

No auth needed

Prerequisites: A webserver to host the malformed image file · Victim interaction to visit the crafted URL

MITRE ATT&CK