EIP-2026-103836

PRE-CVE

Adobe Flash Player - Integer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103836. PoCs published by ryujin.

AI-analyzed exploit summary This is a functional exploit for CVE-2015-3104, an integer overflow vulnerability in Adobe Flash Player. It leverages heap manipulation and ROP chains to achieve remote code execution by corrupting ByteArray objects and controlling execution flow.

Description

Adobe Flash Player - Integer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by ryujin · remotemultiple

https://www.exploit-db.com/exploits/50290

View Code ZIP pw:eip

This is a functional exploit for CVE-2015-3104, an integer overflow vulnerability in Adobe Flash Player. It leverages heap manipulation and ROP chains to achieve remote code execution by corrupting ByteArray objects and controlling execution flow.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Adobe Flash Player (versions affected by CVE-2015-3104)

No auth needed

Prerequisites: Victim must have vulnerable Adobe Flash Player installed · Attacker must deliver the exploit via a malicious SWF file

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026