Now you have two problems, and one of them is Flash.

Project Zero: (^Exploiting)\s(CVE-2015-0318)\s(in)\s*(Flash$)

Quick summary - it's a bug in the PCRE regex engine as used in Flash. Spoiler: it's exploitable. [...]

Below is what happens when we compile a regex that combines the \c escape sequence (which is intended to match a single ASCII character) with a multibyte UTF-8 character. A simple trigger for the bug is '\\c\xd0\x80+', below. [...]

So clearly something has gone wrong... The question is now how to leverage this invalid bytecode to get code execution.
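Added example, not from the post above or from the Project Zero write-up it quotes: a small pre-screen that spots the construct described, a `\c` escape immediately followed by a byte with the high bit set (the lead byte of a multibyte UTF-8 sequence), so a pattern coming from untrusted input can be rejected or logged before it reaches an unpatched PCRE. The function names and the sample patterns are my own; the only real fix is updating the regex engine, this just narrows what you feed it.

```python
# Added example (not code from the page or from Flash/PCRE).
# Scan a PCRE pattern, given as raw bytes, for "\c" immediately followed by
# a non-ASCII byte. Returns the byte offsets of every such occurrence so a
# caller can refuse the pattern or log it for detection purposes.

BACKSLASH = 0x5C


def find_c_escape_before_multibyte(pattern: bytes) -> list[int]:
    hits = []
    i, n = 0, len(pattern)
    while i < n:
        if pattern[i] == BACKSLASH:
            if i + 1 >= n:
                break  # trailing backslash, nothing to inspect
            nxt = pattern[i + 1]
            # "\c" followed by a byte >= 0x80 is the combination the
            # write-up describes; "\cA", "\c" at end of pattern, and an
            # escaped backslash ("\\c") are all fine.
            if nxt == ord("c") and i + 2 < n and pattern[i + 2] >= 0x80:
                hits.append(i)
            i += 2  # skip the escape and the character it escapes
            continue
        i += 1
    return hits


def is_safe_pattern(pattern) -> bool:
    """True when no \\c-plus-multibyte construct is present.

    Accepts str (encoded as UTF-8, as a web front-end would) or bytes."""
    if isinstance(pattern, str):
        pattern = pattern.encode("utf-8")
    return not find_c_escape_before_multibyte(pattern)


if __name__ == "__main__":
    # Constructed samples: the trigger quoted above, and benign neighbours.
    samples = [b"\\c\xd0\x80+", b"\\cA", b"\\\\c\xd0\x80", "a\\cé"]
    for s in samples:
        print(repr(s), "safe" if is_safe_pattern(s) else "REJECT")
```

Run over a stream of submitted patterns, `find_c_escape_before_multibyte` gives you something to count and alert on, while `is_safe_pattern` is the gate to put in front of the engine.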

Previously, previously, previously, previously, previously, previously, previously, previously.


4 Responses:

  1. phuzz says:

    Flash has fully taken over Java's role of 'plugin you want to uninstall but need to keep around to access that one old web interface' now, hasn't it?

    • phuzz says:

      And a few hours after I write that, we move to a new courier service that insists on using Java on their website to print the labels automatically. WHY?!

      • mattyj says:

        Just a couple of years ago, the place I am now a former employee of used an old ADP online app that not only was Java, but required IE6. Alone, neither of those makes sense, but combined I think it means there's a glitch in the Matrix.

    • basil says:

      You may need to keep a browser around for some internal shit. Keep it in a VM if possible, and use a proper browser for everything else.
