This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a remote code execution vulnerability in Adobe Flash Player.
Adobe Flash Player is an application for playing Flash media files.
Flash Player is prone to a remote buffer-overflow vulnerability when processing SWF files with the 'DefineSceneAndFrameLabelData' tag (tag ID 0x56). The issue stems from an integer overflow when calculating pointers. Attackers can use this issue to write to arbitrary memory locations.
An attacker can exploit the issue by enticing an unsuspecting victim to open a specially crafted multimedia file with the vulnerable application.
Successful exploits will allow the attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player 22.214.171.124 and earlier versions are affected.
NOTE: This issue has been fixed in all versions of Adobe Flash Player 126.96.36.199.
Initial investigations suggested that the vulnerability had not been patched in the standalone Adobe Flash Player version 188.8.131.52 for Linux and the standalone Adobe Flash Player version 184.108.40.206 with debug capabilities for Microsoft Windows. The observed behavior that led to this initial conclusion has since been confirmed by Adobe as intended by design.
- Adobe Flash Player 220.127.116.11 and earlier versions are affected.
The vendor released Flash Player 18.104.22.168 to address this issue. Please see the references for more information.