Adobe Flash Player Multiple Vulnerabilities
Description:
Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system.

1) A boundary error exists in the processing of "Declare Function (V7)" tags. This can be exploited to cause a heap-based buffer overflow via specially crafted flags.

2) An integer overflow in the processing of multimedia files can be exploited to cause a buffer overflow.

Successful exploitation of vulnerabilities #1 and #2 may allow execution of arbitrary code.

3) Errors when pinning a hostname to an IP address can be exploited to conduct DNS rebinding attacks. This is related to vulnerability #3 in SA28161.

4) An error when sending HTTP headers can be exploited to bypass cross-domain policy files.

5) An error exists in the enforcement of cross-domain policy files. This can be exploited to bypass certain security restrictions on web servers hosting cross-domain policy files. This is related to vulnerability #4 in SA28161.

6) Input passed to unspecified parameters when handling e.g. the "asfunction:" protocol is not properly sanitised before being returned to the user. This can be exploited to inject arbitrary HTML and script code into a user's browser session in the context of an affected site. This is related to vulnerability #5 in SA28161.

The vulnerabilities are reported in versions prior to 9.0.124.0.

Solution:
Update to a fixed version.

-- Flash Player 9.0.115.0 and earlier --
Update to version 9.0.124.0.
http://www.adobe.com/go/getflash

-- Flash Player 9.0.115.0 and earlier - network distribution --
Update to version 9.0.124.0.
http://www.adobe.com/licensing/distribution

-- Flex 3.0 --
Update to version 9.0.124.0.
http://www.adobe.com/support/flashplayer/downloads.html#fp9

-- AIR 1.0 --
Update to version 1.0.1.
http://www.adobe.com/go/getair

Provided and/or discovered by:
1) Alin Rad Pop, Secunia Research. The vendor also credits Javier Vicente Vallejo and Shane Macaulay, reported via ZDI.
2) Reported independently by:
* Mark Dowd, ISS X-Force.
* wushi of team509, reported via ZDI.
3) The vendor credits:
* Dan Boneh, Adam Barth, Andrew Bortz, Collin Jackson, and Weidong Shao of Stanford University.
* Tom Gallagher, Microsoft.
4) Ernst and Young's Advanced Security Center.
5) Toshiharu Sugiyama of UBsecure, Inc. and JPCERT/CC.
6) Rich Cannings of the Google Security Team and Stefano Di Paola of Minded Security.

Changelog:
2008-04-09: Corrected vendor links in the "Solution" section.

Original Advisory:
Adobe: http://www.adobe.com/support/security/bulletins/apsb08-11.html
Secunia Research: http://secunia.com/secunia_research/2007-103/
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-08-021/
ISS X-Force: http://www.iss.net/threats/289.html

Other References:
SA28161: http://secunia.com/advisories/28161/
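To make concrete what the "pinning a hostname to an IP address" in item 3 protects against, the following Python is an added example, not code from the advisory, from Secunia or from Adobe. It simulates a rebinding attacker's DNS server (public address on the first answer, an internal address afterwards) against two clients: one that re-resolves on every connection, and one that pins the first answer for the life of the session. The resolver, the hostname and all addresses are constructed; nothing touches the network.

```python
"""Simulate DNS rebinding against an unpinned and a pinned client.

Added example, not part of the Secunia/Adobe advisory. The resolver is a
fake that reproduces the rebinding sequence; hostnames and addresses are
constructed for the demonstration.
"""
import ipaddress

# Ranges a rebinding attack typically aims at: reachable from the victim's
# browser but not from the attacker (RFC 1918 space and loopback).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def is_internal(ip_str):
    """True if the address falls inside one of INTERNAL_NETS."""
    ip = ipaddress.ip_address(ip_str)
    return any(ip in net for net in INTERNAL_NETS)


class RebindingResolver:
    """Constructed attacker DNS: the first lookup gets the attacker's public
    address, every later lookup gets an internal address (short TTL)."""

    def __init__(self, first_answer, later_answer):
        self.answers = (first_answer, later_answer)
        self.lookups = 0

    def resolve(self, hostname):
        answer = self.answers[min(self.lookups, 1)]
        self.lookups += 1
        return answer


class UnpinnedClient:
    """Resolves on every connection, so the second request to the same
    hostname lands on whatever the attacker's DNS answers next."""

    def __init__(self, resolver):
        self.resolver = resolver

    def connect(self, hostname):
        return self.resolver.resolve(hostname)


class PinnedClient:
    """Resolves a hostname once and reuses that address for the session,
    which is the behaviour item 3 says the affected player failed to enforce."""

    def __init__(self, resolver):
        self.resolver = resolver
        self.pins = {}

    def connect(self, hostname):
        if hostname not in self.pins:
            self.pins[hostname] = self.resolver.resolve(hostname)
        return self.pins[hostname]


def reaches_internal(client, hostname, requests=2):
    """True if any of `requests` consecutive connections hits an internal address."""
    return any(is_internal(client.connect(hostname)) for _ in range(requests))


def demo():
    """Run both clients against the same rebinding sequence.

    Returns (unpinned_reached_internal, pinned_reached_internal)."""
    host = "attacker.example"            # constructed hostname
    public, internal = "93.184.216.34", "10.0.0.5"   # constructed addresses
    unpinned = reaches_internal(UnpinnedClient(RebindingResolver(public, internal)), host)
    pinned = reaches_internal(PinnedClient(RebindingResolver(public, internal)), host)
    return unpinned, pinned


if __name__ == "__main__":
    print("unpinned reaches internal: %s, pinned reaches internal: %s" % demo())
```

Pinning only helps if the pin covers the whole lifetime of the loaded content; a pin that expires with the DNS TTL, or one cache per connection rather than per session, reopens the same window.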
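Items 4 and 5 both concern the crossdomain.xml policy mechanism. As an added example that is not part of the advisory or of Adobe's code, the following Python audits a policy file for the settings an attacker relies on: a master policy that honours policy files anywhere on the host, a wildcard allow-access-from, an unsecured HTTPS grant, and a wildcard allow-http-request-headers-from. The element and attribute names are the standard crossdomain.xml vocabulary; the two policies are constructed samples.

```python
"""Audit a crossdomain.xml policy for permissive settings.

Added example, not part of the Secunia/Adobe advisory. Both sample policies
below are constructed; element and attribute names follow the documented
crossdomain.xml format.
"""
import xml.etree.ElementTree as ET

# Constructed: a policy that grants everything to everyone.
PERMISSIVE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
"""

# Constructed: a tightened master policy.
STRICT_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*.example.com" secure="true"/>
  <allow-http-request-headers-from domain="*.example.com" headers="X-Requested-With"/>
</cross-domain-policy>
"""


def audit_policy(xml_text):
    """Return a list of finding strings for one crossdomain.xml document."""
    findings = []
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return ["root element is not <cross-domain-policy>"]

    # The master policy decides whether non-root policy files count at all.
    control = root.find("site-control")
    if control is None:
        findings.append("no <site-control>: non-master policy files elsewhere on the host may be honoured")
    elif control.get("permitted-cross-domain-policies", "") == "all":
        findings.append("site-control permits 'all': a policy file anywhere on the host is accepted")

    for node in root.findall("allow-access-from"):
        domain = node.get("domain", "")
        if domain == "*":
            findings.append("allow-access-from domain='*': any origin may read this host's responses with the victim's cookies")
        # secure defaults to true; an explicit false lets non-HTTPS SWFs read HTTPS content.
        if node.get("secure", "true").lower() == "false":
            findings.append("allow-access-from %s secure='false': HTTPS data exposed to non-HTTPS callers" % domain)

    for node in root.findall("allow-http-request-headers-from"):
        domain = node.get("domain", "")
        headers = node.get("headers", "")
        if domain == "*":
            findings.append("allow-http-request-headers-from domain='*' headers='%s': any site may send those headers to this host" % headers)

    return findings


if __name__ == "__main__":
    for name, policy in (("permissive", PERMISSIVE_POLICY), ("strict", STRICT_POLICY)):
        print(name, audit_policy(policy) or ["no findings"])
```

Run it against a policy fetched from the root of each host you own; a clean result on the master file is what makes item 5's bypass (non-master policy files being honoured) a non-issue for that host.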