No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
CVE-2018-4878 Initial commit Feb 9, 2018 Initial commit Feb 9, 2018

CVE-2018-4878 POC

CVE-2018-4878 was first demonstrated being exploited in the wild by TEMP.Reaper.

This repository contains the POC we created from the analysed malware, which is known to work against 32-bit versions of Flash 27 by exploiting a Use-After-Free vulnerability.

Successful exploitation provides the attacker with a ByteArray object capable of modifying process memory.

The full breakdown of the vulnerability can be found here.