VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Adobe Flash Player is a cross-platform browser-based application runtime that delivers viewing of expressive applications, content, and videos across screens and browsers. It is installed on 98% of computers. II. DESCRIPTION --------------------- VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash. The vulnerability is caused by a use-after-free error when interacting with the "ExternalInterface" class from the browser, which could be exploited to achieve code execution via a malicious web page. III. AFFECTED PRODUCTS --------------------------- Adobe Flash versions prior to 13.0.0.182 IV. SOLUTION ---------------- Upgrade to Adobe Flash v13.0.0.182. V. CREDIT -------------- This vulnerability was discovered by VUPEN Security. VI. ABOUT VUPEN Security --------------------------- VUPEN is the leading provider of defensive and offensive cyber security intelligence and advanced zero-day research. All VUPEN's vulnerability intelligence results exclusively from its internal and in-house R&D efforts conducted by its team of world-class researchers. VUPEN Solutions: http://www.vupen.com/english/services/ VII. REFERENCES ---------------------- http://helpx.adobe.com/security/products/flash-player/apsb14-09.html http://zerodayinitiative.com/advisories/ZDI-14-092/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0506 VIII. DISCLOSURE TIMELINE ----------------------------- 2014-01-28 - Vulnerability Discovered by VUPEN Security 2014-03-13 - Vulnerability Reported to Adobe During Pwn2Own 2014 2014-04-08 - Vulnerability Fixed by Adobe 2014-04-14 - Public disclosure