Posts

Angler EK is exploiting Adobe Flash Vulnerability (CVE-2015-5560)

There is an integer overflow vulnerability in Adobe Flash Player 18.0.0.209 and earlier versions. The vulnerability is triggered when Flash Player loads and parses an contrieved MP3 file with compressed ID3 data greater than 0x2aaaaaaa bytes. This causes an interger overflow in the buffer that allocates this data. This results in copying a large amount of data in to a small buffer.

Not long after the disclosure of the vulnerability, Angler exploit kit has been cited to be using exploits for this vulnerability.

The issues only affects 64bit platforms. The vulnerability is referred by CVE as CVE-2015-5560.