Security News > 2015 > July > Hacking Team's Flash 0-day exploit used against Korean targets before it was leaked (Help Net Security)
2015-07-09 10:13
The Adobe Flash zero-day (CVE-2015-5119) exploit found in the Hacking Team's leaked data has already been added to several exploit kits, but Trend Micro researchers have found evidence of it being use...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/0n9bZrvDqLE/secworld.php
Related news
- Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked (source)
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Critical security hole in Apache Struts under exploit (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-07-08 | CVE-2015-5119 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015. | 9.8 |