Adobe Flash - YUVPlane Decoding Heap Overflow
| EKU-ID: 45631 | CVE: CVE-2017-2986 | OSVDB-ID: |
| Author: Google Security Research | Published: 2017-02-21 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 45631 | CVE: CVE-2017-2986 | OSVDB-ID: |
| Author: Google Security Research | Published: 2017-02-21 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1008 The attached FLV file causes a heap overflow in YUVPlane decoding. To reproduce, put LoadMP4.swf and yuvplane.flv on a server, and visit 127.0.0.1/LoadMP4.swf?file=yvplane.flv. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41423.zip