
Abstract

This talk will introduce Use-After-Use-After-Free (UAUAF), a novel and relatively universal exploitation technique for UAF vulnerabilities in Adobe Flash. By leveraging a sequence of object occupations and releases, UAUAF can transform a UAF into a multi-class type confusion. Full memory access is gained in the presence of the mitigations recently added by Adobe. More importantly, this talk will illustrate UAUAF with CVE-2016-1097, a real UAF 0day that I reported to Adobe in May. The exploitation process, i.e., from discovering the 0day, gaining full memory access, and chaining ROP gadgets to the final code execution, will be presented in detail.

Papers

Slides