Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description:
This signature detects an attempt to exploit a vulnerability in Adobe Flash Player which may result in remote code execution.
Additional Information:
Adobe Flash Player is an application for playing Flash media files.
Flash Player is prone to a remote buffer-overflow vulnerability when processing SWF files with the 'DefineSceneAndFrameLabelData' tag (tag ID 0x56). The issue stems from an integer overflow when calculating pointers. Attackers can use this issue to write to arbitrary memory locations.
An attacker can exploit the issue by enticing an unsuspecting victim to open a specially crafted multimedia file with the vulnerable application.
Successful exploits will allow the attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player 9.0.115.0 and earlier versions are affected.
NOTE: This issue has been fixed in all versions of Adobe Flash Player 9.0.124.0.
Initial investigations suggested that the vulnerability had not been patched in the standalone Adobe Flash Player version 9.0.124.0 for Linux and the standalone Adobe Flash Player version 9.0.124.0 with debug capabilities for Microsoft Windows. The observed behavior that led to this initial conclusion has since been confirmed by Adobe as intended by design.
Affected:
Turbolinux wizpy
Turbolinux FUJI
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
RedHat Enterprise Linux Supplementary 5 server
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
RedHat Enterprise Linux Desktop Supplementary 5 client
Gentoo Linux
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5
Adobe Flex 3.0
Adobe Flash Professional 8
Adobe Flash Player Plugin 9.0.31 .0
Adobe Flash Player Plugin 9.0.28 .0
Adobe Flash Player Plugin 9.0.20 .0
Adobe Flash Player Plugin 9.0.16
Adobe Flash Player Plugin 8.0
Adobe Flash Player Plugin 9.0.18d60
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 9
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.34.0
Adobe Flash CS3 Professional 0
Adobe Flash Basic 8
Adobe AIR 1.0
Response:
The vendor released Flash Player 9.0.124.0 to address this issue. Please see the references for more information.
Possible False Positives:
There are no known false positives associated with this signature.
Additional References:
CVE-2007-0071
SecurityFocus BID: 28695
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description:
This signature detects an attempt to exploit a vulnerability in Adobe Flash Player which may result in remote code execution.
Additional Information:
Adobe Flash Player is an application for playing Flash media files.
Flash Player is prone to a remote buffer-overflow vulnerability when processing SWF files with the 'DefineSceneAndFrameLabelData' tag (tag ID 0x56). The issue stems from an integer overflow when calculating pointers. Attackers can use this issue to write to arbitrary memory locations.
An attacker can exploit the issue by enticing an unsuspecting victim to open a specially crafted multimedia file with the vulnerable application.
Successful exploits will allow the attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player 9.0.115.0 and earlier versions are affected.
NOTE: This issue has been fixed in all versions of Adobe Flash Player 9.0.124.0.
Initial investigations suggested that the vulnerability had not been patched in the standalone Adobe Flash Player version 9.0.124.0 for Linux and the standalone Adobe Flash Player version 9.0.124.0 with debug capabilities for Microsoft Windows. The observed behavior that led to this initial conclusion has since been confirmed by Adobe as intended by design.
Affected:
Turbolinux wizpy
Turbolinux FUJI
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
RedHat Enterprise Linux Supplementary 5 server
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
RedHat Enterprise Linux Desktop Supplementary 5 client
Gentoo Linux
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5
Adobe Flex 3.0
Adobe Flash Professional 8
Adobe Flash Player Plugin 9.0.31 .0
Adobe Flash Player Plugin 9.0.28 .0
Adobe Flash Player Plugin 9.0.20 .0
Adobe Flash Player Plugin 9.0.16
Adobe Flash Player Plugin 8.0
Adobe Flash Player Plugin 9.0.18d60
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 9
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.34.0
Adobe Flash CS3 Professional 0
Adobe Flash Basic 8
Adobe AIR 1.0
Response:
The vendor released Flash Player 9.0.124.0 to address this issue. Please see the references for more information.
Possible False Positives:
There are no known false positives associated with this signature.
Additional References:
CVE-2007-0071
SecurityFocus BID: 28695
Comments
0 comments to "HTTP Adobe SWF Remote Code Execution"
Post a Comment