CVE-2018-4937

HIGH

Adobe Flash Player < 29.0.0.113 - Out-of-bounds Write

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4937. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit is a SWF file that triggers an out-of-bounds write vulnerability in blur filtering, leading to a reliable crash in Firefox for Linux. The PoC demonstrates a memory corruption issue that could potentially be leveraged for remote code execution.

Description

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/44529

View Code ZIP pw:eip

This exploit is a SWF file that triggers an out-of-bounds write vulnerability in blur filtering, leading to a reliable crash in Firefox for Linux. The PoC demonstrates a memory corruption issue that could potentially be leveraged for remote code execution.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Firefox for Linux (specific version not specified)

No auth needed

Prerequisites: Victim must open the malicious SWF file in a vulnerable version of Firefox for Linux

MITRE ATT&CK