![]() We later raise a dummy exception and immediately catch it ourselves. ![]() “In the beginning we load the with-scope with a legit object. In his technical write-up Dabah further explains: “The interpreter code of the Action Script Virtual Machine does not reset a with-scope pointer when an exception is caught, leading later to a type confusion bug, and eventually to a remote code execution,” Dabah wrote. The researcher published his finding on the bug November 15, five days ahead of Adobe’s fix. Israel-based researcher Gil Dabah is credited for identifying the flaw. “Usually, when a piece of code doesn’t verify the type of object that is passed to it, and uses it blindly without type-checking, it leads to type confusion,” according to a Microsoft description of the bug. The bug is a type “confusion” vulnerability, which is a common attack technique used against Adobe’s ActionScript Virtual Machine. In tandem, a Microsoft Security Advisory was also issued for the bug (CVE-2018-15981) on Tuesday. Affected are versions of the Flash Player running on Windows, macOS, Linux and Chrome OS. Adobe released a patch for a critical flaw on Tuesday that leaves its Flash Player vulnerable to arbitrary code execution by an adversary.
0 Comments
Leave a Reply. |