![]() ![]() The embedded SWF is heavily obfuscated, but the code has much in common with the source code for Angler EK’s CVE-2015-0313 exploit. ![]() Here’s a somewhat beautified example of this process: The obfuscated SWF contains an encoded SWF (MD5: d45808cfa6f3cbfb343fdea269fdc375), which is later decoded and loaded into Flash, without getting saved on disk. Not too long ago we came across a sample from the Angler Exploit kit (MD5: 049ff69bc23f36a78d86bbf1356c2f63c), which allegedly exploits CVE-2015-0359. For more on Flash vulnerabilities, we also invite you to read " The Latest UAF Vulnerabilities in Exploit Kits," published May 28 by Tao Yan. What follows is a detailed analysis of the root cause of a vulnerability we call CVE-2015-X, as well as a step-by-step explanation of how to trigger it.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |