HTTP Adobe Flash SWF Plugin Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an invalid FLV file that can overflow a buffer in Adobe Flash Player.

Additional Information

Adobe Flash Player is a multimedia application for Microsoft Windows, Mozilla, and Apple technologies.

Adobe Flash Player is prone to a remote code-execution vulnerability because it fails to properly sanitize user-supplied input. Specifically, the application fails to properly handle a malformed SWF file.

An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file.

A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the victim running the vulnerable application.
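A structural sanity check of the kind a defender can run on SWF and FLV files before they reach a player, added here as an illustration; it is not Symantec's signature logic and does not know which field the vulnerable version mishandles. The header layouts follow the public SWF and FLV format specifications, and the sample byte strings are constructed for the demonstration.

```python
import struct

def check_swf(data: bytes) -> list:
    """Return structural problems found in an SWF header (empty list if sane)."""
    problems = []
    if len(data) < 8:
        return ["truncated: SWF header needs at least 8 bytes"]
    # Header: 3-byte signature, 1-byte version, 4-byte little-endian file length.
    sig, version = data[:3], data[3]
    declared_len = struct.unpack_from("<I", data, 4)[0]
    if sig not in (b"FWS", b"CWS", b"ZWS"):
        problems.append(f"bad signature {sig!r}")
    if version == 0:
        problems.append("version 0 is not a valid SWF version")
    # Uncompressed files must declare their real size; compressed files declare
    # the uncompressed size, which can never be smaller than the header itself.
    if sig == b"FWS" and declared_len != len(data):
        problems.append(f"declared length {declared_len} != actual {len(data)}")
    elif sig != b"FWS" and declared_len < 8:
        problems.append(f"declared length {declared_len} smaller than header")
    return problems

def check_flv(data: bytes) -> list:
    """Return structural problems found in an FLV header (empty list if sane)."""
    problems = []
    if len(data) < 13:
        return ["truncated: FLV header plus PreviousTagSize0 needs 13 bytes"]
    # Header: "FLV", version (1), flags byte, 4-byte big-endian DataOffset.
    sig, version, flags = data[:3], data[3], data[4]
    data_offset = struct.unpack_from(">I", data, 5)[0]
    if sig != b"FLV":
        problems.append(f"bad signature {sig!r}")
    if version != 1:
        problems.append(f"unexpected FLV version {version}")
    if flags & 0xFA:  # only TypeFlagsAudio (0x04) and TypeFlagsVideo (0x01) are defined
        problems.append("reserved flag bits set")
    if data_offset < 9 or data_offset + 4 > len(data):
        problems.append(f"DataOffset {data_offset} outside the file")
    else:
        prev_tag_size0 = struct.unpack_from(">I", data, data_offset)[0]
        if prev_tag_size0 != 0:
            problems.append(f"PreviousTagSize0 is {prev_tag_size0}, expected 0")
    return problems

# Constructed samples: consistent headers and ones with an inflated length field.
GOOD_SWF = b"FWS" + bytes([10]) + struct.pack("<I", 30) + bytes(22)
BAD_SWF = b"FWS" + bytes([10]) + struct.pack("<I", 0xFFFFFFFF) + bytes(22)
GOOD_FLV = b"FLV" + bytes([1, 5]) + struct.pack(">I", 9) + struct.pack(">I", 0)
BAD_FLV = b"FLV" + bytes([1, 5]) + struct.pack(">I", 0x7FFFFFFF) + struct.pack(">I", 0)
```

A mismatch between a declared length and the real file size is exactly the kind of inconsistency that turns a fixed-size read into an overflow, so files failing these checks should be quarantined rather than opened.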

Affected

  • Adobe Flash Player 7.0, 8.0, 9.0
  • Adobe Flash Player Plugin 7.0.25, 7.0.63, 8.0, 9.0, 9.0.16, 9.0.20.0, 9.0.28.0, 9.0.31.0
  • Apple Mac OS X 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 10.4.7, 10.4.8, 10.4.9, 10.4.10, 10.4.11
  • Apple Mac OS X Server 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 10.4.7, 10.4.8, 10.4.9, 10.4.10, 10.4.11
  • Foresight Linux 1.1
  • Gentoo Linux
  • Macromedia Flash 7.0.66.0, 8.0, 8.0.33.0, 7.0, 7.0 r19, 7.0.19.0, 7.0.25.0, 7.0.60.0, 7.0.61.0, 7.0.63.0, 8.0.22.0, 8.0.24.0
  • Nintendo Wii
  • RedHat Enterprise Linux Desktop Supplementary v.5 client
  • RedHat Enterprise Linux Extras v.3, v.4
  • RedHat Enterprise Linux Supplementary v.5 server
  • S.u.S.E. Linux 10.0
  • S.u.S.E. Linux Desktop 1.0
  • S.u.S.E. Linux Enterprise Server 8
  • S.u.S.E. Linux Personal 10.1, 10.0 OSS
  • S.u.S.E. Linux Professional 10.0, 10.0 OSS, 10.1
  • S.u.S.E. Novell Linux Desktop 9
  • S.u.S.E. openSUSE 10.2
  • S.u.S.E. SUSE Linux Enterprise Server 10 SP1
  • S.u.S.E. SuSE Linux Openexchange Server 4.0
  • S.u.S.E. SUSE LINUX Retail Solution 8.0
  • S.u.S.E. SuSE Linux School Server for i386
  • S.u.S.E. SuSE Linux Standard Server 8.0
  • S.u.S.E. UnitedLinux 1.0
  • Sun Solaris 10_x86, 8.0, 8.0_x86, 9.0, 9.0_x86, 10.0
  • Turbolinux FUJI
  • Turbolinux wizpy

Response

The vendor has released updates to resolve this issue.

Please see the references for more information.