How Hacking Team Hacked Flash
(Check my last discussion to see what I am fully talking about.)
The exploit affects Adobe Flash Player 9 and later, and Chrome, Firefox and Safari are all currently affected.
Now... Hacking Team has a PoC, and this PoC contains a ReadMe file. The ReadMe file says how they exploited the vulnerability. Supposedly, it is a ByteArray use-after-free exploit. (If you want to know how this vulnerability can be exploited, say so in the comments and I will try to explain thoroughly how it is exploited.)
After you trigger the use-after-free vulnerability, it corrupts the current target. It is quite a complex attack, to be honest, but it can be described easily once you know how it is done.
Now, this method also bypasses Control Flow Guard by overwriting a static function code address. But that is for another time...
In my last post, I mentioned they patched one of the vulnerabilities but forgot to put the CVE. The CVE is: CVE-2015-0349.
That is all for now! I will now be making a post about the Windows exploit.