-: Exploits - Bugs - Vulnerabilities :-
HTTP Adobe SWF Remote Code Execution
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a vulnerability in Adobe Flash Player which may result in remote code execution.
Adobe Flash Player is an application for playing Flash media files.
Flash Player is prone to a remote buffer-overflow vulnerability when processing SWF files with the 'DefineSceneAndFrameLabelData' tag (tag ID 0x56). The issue stems from an integer overflow when calculating pointers. Attackers can use this issue to write to arbitrary memory locations.
An attacker can exploit the issue by enticing an unsuspecting victim to open a specially crafted multimedia file with the vulnerable application.
Successful exploits will allow the attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player 126.96.36.199 and earlier versions are affected.
NOTE: This issue has been fixed in all versions of Adobe Flash Player 188.8.131.52.
Initial investigations suggested that the vulnerability had not been patched in the standalone Adobe Flash Player version 184.108.40.206 for Linux and the standalone Adobe Flash Player version 220.127.116.11 with debug capabilities for Microsoft Windows. The observed behavior that led to this initial conclusion has since been confirmed by Adobe as intended by design.
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
RedHat Enterprise Linux Supplementary 5 server
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
RedHat Enterprise Linux Desktop Supplementary 5 client
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5
Adobe Flex 3.0
Adobe Flash Professional 8
Adobe Flash Player Plugin 9.0.31 .0
Adobe Flash Player Plugin 9.0.28 .0
Adobe Flash Player Plugin 9.0.20 .0
Adobe Flash Player Plugin 9.0.16
Adobe Flash Player Plugin 8.0
Adobe Flash Player Plugin 9.0.18d60
Adobe Flash Player 18.104.22.168
Adobe Flash Player 22.214.171.124
Adobe Flash Player 126.96.36.199
Adobe Flash Player 188.8.131.52
Adobe Flash Player 184.108.40.206
Adobe Flash Player 220.127.116.11
Adobe Flash Player 9
Adobe Flash Player 18.104.22.168
Adobe Flash Player 22.214.171.124
Adobe Flash CS3 Professional 0
Adobe Flash Basic 8
Adobe AIR 1.0
The vendor released Flash Player 126.96.36.199 to address this issue. Please see the references for more information.
Possible False Positives:
There are no known false positives associated with this signature.
SecurityFocus BID: 28695