Angler EK is exploiting Adobe Flash Vulnerability

September 4, 2015

There is an integer overflow vulnerability in Adobe Flash Player and earlier versions. The vulnerability is triggered when Flash Player loads and parses an contrieved MP3 file with compressed ID3 data greater than 0x2aaaaaaa bytes. This causes an interger overflow in the buffer that allocates this data. This results in copying a large amount of data in to a small buffer.

Not long after the disclosure of the vulnerability, Angler exploit kit has been cited to be using exploits for this vulnerability.

The issues only affects 64bit platforms. The vulnerability is referred by CVE as CVE-2015-5560.