Adobe Flash - Out-of-Bounds Read when Placing Object

Related Vulnerabilities: CVE-2016-1104  
Publish Date: 17 May 2016
                Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=794

There is an out of bounds read when placing a corrupt image. This issue might be exploitable, depending on what is read.

A PoC is attached. To reproduce issue, put both files on a server, and load:

http://127.0.0.1/LoadImage.swf?img=70


Proof of Concept:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/39825.zip