### [CVE-2015-7645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7645)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.

### POC

#### Reference
- http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/
- http://packetstormsecurity.com/files/134009/Adobe-Flash-IExternalizable.writeExternal-Type-Confusion.html
- https://www.exploit-db.com/exploits/38490/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Advisory-Emulations/APT-37
- https://github.com/ChennaCSP/APT37-Emulation-plan
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Panopticon-Project/panopticon-APT28
- https://github.com/Panopticon-Project/panopticon-FancyBear