Skip to navigation Skip to main content Skip to footer

Flash local-with-filesystem Bypass in navigateToURL

16 September 2016

By NCC Group Publication Archive

Research Cyber Security Technical advisories

Title                           Flash local-with-filesystem Bypass in navigateToURL
Reference                 VT-19
Discoverer                Soroush Dalili and Matthew Evans
Vendor                      Adobe
Vendor Reference

https://helpx.adobe.com/security/products/flash-player/apsb16-25.html
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html

Systems Affected     Adobe Flash in Internet Explorer (Prior to 23.0.0.162)
CVE Reference         CVE-2016-4178, CVE-2016-4277
Risk                            Low
Status                        Fixed

Download technical advisory

NCC Group Publication Archive

NCC Group Publication Archive