XLAB ID: XLAB-15-006
CVE ID: CVE-2015-5581
Patch Status: Fixed
The specific flaw exists within the DisplayObject’s mask property. By maniuplating display list attacker can force a dangling pointer to be reuesed after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.
|2015/05/07||Provide vulnerability detail to Adobe via firstname.lastname@example.org|
|2015/05/09||Adobe responded that they had opened case PSIRT-3665 for the issuse|
|2015/09/18||Adobe responded that they had assigned CVE-2015-5581 to the issue|
This vulnerability was discovered by: Kai Kang