CVE-2015-5119 PoC — Adobe Flash Player ActionScript 3 缓冲区溢出漏洞

Source

https://github.com/dangokyo/CVE-2015-5119

Associated Vulnerability

Title:Adobe Flash Player ActionScript 3 缓冲区溢出漏洞 (CVE-2015-5119)
Description:Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

Readme

# CVE-2015-5119

A COOP like exploit

![alt text](https://github.com/dangokyo/CVE-2015-5119/blob/master/20180820001.png)

File Snapshot


 [4.0K]  /data/pocs/f479218a0dfdf1939efeaf149255f8ebeb81d7ea
├── [200K]  20180820001.png
├── [4.0K]  bin
│   ├── [5.1K]  CVE-2015-5119.swf
│   ├── [ 773]  expressInstall.swf
│   ├── [ 885]  index.html
│   └── [4.0K]  js
│       └── [10.0K]  swfobject.js
├── [ 122]  README.md
└── [4.0K]  src
    ├── [ 420]  Address64.as
    ├── [9.9K]  Exploiter64.as
    ├── [ 569]  Logger.as
    ├── [ 412]  Main.as
    ├── [ 186]  MyClass1.as
    ├── [ 10K]  MyClass2.as
    └── [1.8K]  MyClass.as

3 directories, 13 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!