Adobe Flash - MP4 AMF Parsing Overflow
| EKU-ID: 45628 | CVE: CVE-2017-2992 | OSVDB-ID: |
| Author: Google Security Research | Published: 2017-02-21 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 45628 | CVE: CVE-2017-2992 | OSVDB-ID: |
| Author: Google Security Research | Published: 2017-02-21 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1018 There is an overflow in MP4 AMF parsing. To reproduce, put the attached files on a server and visit http://127.0.0.1/LoadMP4.swf?file=unsigned.mp4. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41420.zip