Adobe Flash Player versions prior to 22.0.0.192 and 18.0.0.360 suffer from a DLL hijacking vulnerability.
f6c1e0db1cf0414a2c4e623656746bf18311c21d232ce0247945fb82f69047edThis Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.3.300.271. By supplying a corrupt Font file used by the SWF, it is possible to gain arbitrary remote code execution under the context of the user, as exploited in the wild.
b495613b72210817067894eb7ff5c08f46dcd44c9088ea935d0a7be729049d9aRed Hat Security Advisory 2012-1173-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-18, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.238.
c10d85f5137cb075e49ec0b6380b902d41df64cf1042cece8b3a15b524552b6aGentoo Linux Security Advisory 201206-21 - Multiple vulnerabilities have been found in Adobe Flash Player could result in the execution of arbitrary code or Denial of Service. Versions less than 11.2.202.236 are affected.
7222e3252d7d0fdb64aebdfc3716ee393821e2bc4558b1b340a50587b3420c6cThis Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt AMF0 "_error" response, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "World Uyghur Congress Invitation.doc" e-mail attack. According to the advisory, 10.3.183.19 and 11.x before 11.2.202.235 are affected.
278d32f3bc7f3344e48d9ed25bcb65be25041499b78ba981e26d568f755202eeThis Metasploit module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for attacks against Korean based organizations. Specifically, this issue occurs when indexing an array using an arbitrary value, memory can be referenced and later executed. Taking advantage of this issue does not rely on heap spraying as the vulnerability can also be used for information leakage. Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and is very reliable.
e26bbead67100b455a3fddb8cfcf7df0baddef6b4fbc68f4cc261a2c4dea9972Red Hat Security Advisory 2012-0722-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-14, listed in the References section. Several security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
ecdbd222d0515d25680731defe7dbecc336e7f60c44b403ad6c79db2c84c9be7Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
e20802e5ee8e20761cfe1c8512cf01f5cdb21558d860ba633195fec7301b5b0eZero Day Initiative Advisory 12-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. A size value is read from MP4 files and used for size calculation without proper validation. The arithmetic performed on the size value can cause integer overflows, resulting in undersized allocations. This undersized memory allocation can be subsequently overpopulated with data supplied by the input file which can be used to gain remote code execution under the context of the current process.
7d4277c0240390dfaf844d794201f5813348bc3c4e7a17ba30d5fa943904ac26Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.
5d3d94c580242304ad1db49f92b8d1b2db7dde614f6355c09efaba9df53cd86dApple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.
a18bf4afd49f0790a7800f00c7179cc923a3890a42c7c396c63645d35c123d0dSecunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
8416b6dd845c6b83a4da1822b91efeb94834aecf98e3f9d0b3082a81495a1002This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).
93d7262043fea9cda6bcae5df8301841074b655ead8497ddc9cbc8fb6a8f410cVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.
9b4488d35212ce158b36f3b2eb967b148fddbf040de1f99a30ab5a53f3202ef4Gentoo Linux Security Advisory 201204-7 - Multiple vulnerabilities in Adobe Flash Player, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 11.2.202.228 are affected.
bcf33f097735edaa2dba3ae55379f08e72c0e989bf92ca775ea579c3a0dded65Zero Day Initiative Advisory 12-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Flash Player handles the update of a NetStream object via the appendBytes method which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
f10032eed460124a4fc1a534f5ee945f69ee0a881a07088857826cb6ecded560Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.
a3e0acb403967ecb2ab50b95e92c7801505af37a7f830f9ad5119219170efa9fSecunia Security Advisory - Two vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.
33ff8fc72aa2fcaf076d0093973a9d8c3f83484facec38dfaacc2b7ee5d2590aRed Hat Security Advisory 2012-0434-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.18.
214097b723d5e1016a9378358b8884c8afd2d66057492714e906754204d059ddVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
bc712e2a0634304709e04fab0e0b399f87ad8994ef78b54e906ba338a89de632Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
3b583191ce1bde990fb87784459f8e4b123c5a7de9c778712999e48b39ef6aa7Red Hat Security Advisory 2012-0359-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-05, listed in the References section. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
4f6c288312851d2cb202ed736a92e3023e458dbcde02a2d931cb95fc88603ecbRed Hat Security Advisory 2012-0144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-03, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
e12fa8491ed0eb8269109f0b84ae42b196495d0ce25bd1e59eee089e630a6dbeSecunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
29c374b8ff9e4bb8f9982a27b41d87697832d6cbdf2c6b508f885a38151042ddThis Metasploit module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user. Numerous reports also indicate that this vulnerability has been exploited in the wild. Please note that the exploit requires a SWF media player in order to trigger the bug, which currently isn't included in the framework. However, software such as Longtail SWF Player is free for non-commercial use, and is easily obtainable.
df9a4f147e437db061fcac07db067da65775ac9fff0ec5fecbe3b18c47f3ceba
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed