Adobe Flash Vulnerability CVE-2015-7663 and Mitigating Exploits


Adobe released a patch for CVE-2015-7663 that addresses a vulnerability we discovered in Flash Player. The vulnerability exists due to improper tracking of freed allocations associated with a “Renderer” object when handling multiple progress bar additions. This can be forced to overflow a Bitmap object, corrupting adjacent memory. As we will discuss later, we originally exploited this bug in the lab using the common Vector length corruption target. In this post I wanted to focus on mitigating the exploitation of Flash Player, and the challenges associated with it, instead of taking the traditional detailed look at this particular vulnerability.