FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player movieclip duplicateMovieClip use-after-free attempt
This event is generated when, an attempt to exploit Adobe Flash Player using memory already released, is detected. Impact: Attempted User Privilege Gain Details: This crafted SWF file exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a Use-After-Free in the MovieClip.duplicateMovieClip function. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the flash process. Ease of Attack: High
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2015-8412 |
Loading description
|