:: Deepquest ::

No abstract description available in the upcomings!

No abstract description available in the upcomings!

There is a use-after-free in the Adobe Flash Stage.align property setter. When the setter is called, the parameter is converted to a string early, as a part of the new use-after-free prevention changes. This conversion can invoke script, which if the this object is a MovieClip, can delete the object, deleting the thread the call […]

There is a use-after-free in Adobe Flash Selection.setFocus. It is a static method, but if it is called with a this object, it will be called on that object’s thread. Then, if it calls into script, for example, by calling toString on the string parameter, the object, and its thread will be deleted, and a […]

Several methods in Adobe Flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a MovieClip, the Rectangle instantiation will run on its thread. If a getter is added to this class’s package, it will be invoked when fetching the […]

There is a use-after-free in Adobe Flash BitmapData.copyPixels. If the method is called on a MovieClip, and the MovieClip is deleted during parameter conversions, it is used to convert future parameters, even though it has already been freed.

There is a use-after-free in the Adobe Flash MovieClip Transform getter. If the Transform constructor is replaced with a getter using addProperty, this getter can free the MovieClip before it is accessed.

Keeper suffers from an issue where a trusted UI is injected into an untrusted webpage.

http://nongsim.go.th/by.htm notified by GeNErAL

http://www.korat4.go.th/news/index.html notified by Team System Dz