Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Leverage One-shot UAF to a Minigun

44CON Information Security Conference via YouTube

Start learning Write review
GetSmarter Ad

MIT Sloan: Lead AI Adoption Across Your Organization — Not Just Pilot It

Learn More Corporate Finance Institute Ad

Learn Excel & Financial Modeling the Way Finance Teams Actually Use Them

Learn More

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a novel exploitation technique for Use-After-Free (UAF) vulnerabilities in Adobe Flash in this 41-minute conference talk from the 44CON Information Security Conference. Delve into the Use-After-Use-After-Free (UAUAF) method, which transforms a UAF into a multi-class type confusion, enabling full memory access. Learn how this technique bypasses Adobe's mitigation efforts against common exploitation methods. Examine the detailed exploitation process of CVE-2016-1097, a real-world UAF zero-day vulnerability, from discovery to achieving arbitrary code execution. Gain insights into leveraging object occupations and releases, chaining ROP gadgets, and overcoming challenges in modern Flash exploitation.

Syllabus

Leverage One-shot UAF to a Minigun - Presented By Guanxing Wen

Taught by

44CON Information Security Conference

Reviews

Start your review of Leverage One-shot UAF to a Minigun

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.