Signature Detail

HTTP: Adobe Flash Player ActiveX Control navigateToURL API Exploit

This signature detects attempts to exploit a known vulnerability in Adobe Flash Play ActiveX. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

The Adobe Flash Player ActiveX control is prone to a cross-domain scripting vulnerability. An attacker may leverage this issue to execute arbitrary JavaScript in the context of another domain. This issue affects Adobe Flash Player 9.0.48.0, 8.0.35.0, and prior versions. NOTE: This issue was previously disclosed in BID 26929 (Adobe Flash Player Multiple Security Vulnerabilities) but has been assigned its own BID because new technical details are available.

Affected Products

• Adobe flash_player 7.0.69.0
• Adobe flash_player 7.0.70.0
• Adobe flash_player 8.0.34.0
• Adobe flash_player 8.0.35.0
• Adobe flash_player 9.0.28.0
• Adobe flash_player 9.0.31.0
• Adobe flash_player 9.0.45.0
• Adobe flash_player 9.0.47.0
• Adobe flash_player 9.0.48.0
• Gentoo linux
• Nortel_networks media_processing_svr_1000_rel 3.0
• Nortel_networks self-service-ccss7
• Nortel_networks self-service_peri_application
• Nortel_networks self-service_peri_workstation
• Red_hat enterprise_linux_desktop_supplementary 5 Client
• Red_hat enterprise_linux_extras 3
• Red_hat enterprise_linux_extras 4
• Red_hat enterprise_linux_extras 4.5.Z
• Red_hat enterprise_linux_extras 4.6.Z
• Red_hat enterprise_linux_supplementary 5 Server
• Sun opensolaris Build Snv 88
• Sun solaris 10 Sparc
• Sun solaris 10 X86
• Suse linux_personal 10.1
• Suse linux_professional 10.1
• Suse novell_linux_desktop 9.0.0
• Suse opensuse 10.2
• Suse opensuse 10.3
• Suse suse_linux_enterprise_desktop 10 SP1
• Turbolinux fuji
• Turbolinux wizpy

References

• BugTraq: 26960
• CVE: CVE-2007-6244