Hacking Team Breach Reveals Two New Critical Flash Zero-Day Exploits

Two more Flash Zero-Day exploits were reported over the weekend, thanks to the deluge of documents leaked from the Hacking Team, the Italian company famous for supplying hacker tools to the world.

Adobe is planning to release a patch for each of the bugs, dubbed CVE-2015-5122 and CVE-2015-5123, on its Web site later this week. The company said both updates are critical.

Cybersecurity companies FireEye and Trend Micro were responsible for discovering the two exploits, which were detailed in the 400 GB of corporate data that was released in the leak of Hacking Team's documents earlier this month. The two vulnerabilities exist in the Windows, Microsoft, and Linux versions of Flash Player 18.0.0.204 and earlier.

The Hits Keep Coming

Reports of new security flaws in the Flash Player software are hardly new. In fact, the two reports come after Adobe issued yet another security patch for Flash Player last week to address another flaw that had been exploited by the Hacking Team and had been quickly adopted by hackers worldwide.

FireEye said that the latest exploit, CVE-2015-5122, was even authored by the same person as last week's reported bug, CVE-2015-5119, both of which it said were well written. Both threats take advantage of the same basic strategy, exploiting the use-after-free vulnerability in DisplayObject.

The vulnerability is triggered by freeing a TextLine object within the valueOf function of a custom class when setting the TextLine's opaqueBackground. Once the TextLine object is freed, a Vector object is allocated in its place. Returning from valueOf will overwrite the length field of the Vector object with a value of 106. Once the exploit has been triggered, the malicious code could either cause a system crash or allow an attacker to take control of the affected system.
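The bug class described above, as an added example that is not Flash Player code and not taken from the leaked material: a property setter that keeps a pointer across a caller-supplied conversion callback, next to a hardened setter that re-validates its target after the callback. The pool, handle and function names are hypothetical, and the one-slot pool is a constructed stand-in for a heap that reuses freed storage.

```c
#include <stdio.h>
#include <stdint.h>
/* Constructed toy model: a one-slot pool, so a freed object's storage is
   reused at once, with no real undefined behaviour in the demo itself. */
typedef struct { uint32_t gen; int live; uint32_t field0; } Slot;
typedef uint32_t (*Coerce)(void);      /* stands in for a script valueOf */
static Slot pool;

static uint32_t pool_alloc(uint32_t field0) {   /* returns a handle */
    pool.gen++; pool.live = 1; pool.field0 = field0;
    return pool.gen;
}
static void pool_free(void) { pool.live = 0; }
static Slot *resolve(uint32_t h) {              /* NULL if handle is stale */
    return (pool.live && pool.gen == h) ? &pool : NULL;
}

/* Callback that frees the target; a second object (think of a vector whose
   first field is its length, here 4) then takes over the same storage. */
static uint32_t reentrant_coerce(void) { pool_free(); pool_alloc(4); return 106; }

/* Flawed: pointer taken before the callback and used after it. */
static int set_unsafe(uint32_t h, Coerce cb) {
    Slot *obj = resolve(h);
    if (!obj) return -1;
    uint32_t v = cb();      /* obj can be freed and reused in here */
    obj->field0 = v;        /* stale write lands in the second object */
    return 0;
}

/* Hardened: run the callback first, then re-validate the handle. */
static int set_safe(uint32_t h, Coerce cb) {
    uint32_t v = cb();
    Slot *obj = resolve(h);
    if (!obj) return -1;    /* target is gone: refuse the write */
    obj->field0 = v;
    return 0;
}

/* Runs one setter on a fresh object; returns the slot's field0 afterwards. */
static uint32_t demo(int hardened) {
    uint32_t h = pool_alloc(0);
    (hardened ? set_safe : set_unsafe)(h, reentrant_coerce);
    return pool.field0;
}

int main(void) {
    printf("unsafe: %u, hardened: %u\n", (unsigned)demo(0), (unsigned)demo(1));
}
```

With the flawed setter the second object's first field ends up holding the callback's return value; with the hardened setter it keeps the value it was created with and the setter reports failure.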

Poses a Risk to Users

The second vulnerability, CVE-2015-5123, discovered by...
