Signature Detail
Short Name |
HTTP:STC:ADOBE:FLASH-NULL-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Flash Player Null Pointer Dereference Denial of Service |
Release Date |
2012/12/02 |
Update Number |
2207 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Flash Player Null Pointer Dereference Denial of Service
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can result in a denial-of-service condition.
Extended Description
Adobe Flash Player Plugin is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue will allow attackers to crash the browser that uses the plugin, denying service to legitimate users. The following versions of Flash Player Plugin are vulnerable: 9.0.45.0 9.0.112.0 9.0.124.0 10.0.12.10 UPDATE (March 11, 2009): Flash Player Plugin 10.0.22.87 is vulnerable. UPDATE (September 4, 2009): Mac OS X 10.6 reportedly ships with Flash Player 10.0.23.1, which will overwrite any installed version of Flash Player when Mac OS X is being installed. UPDATE (June 10, 2010): Flash Player 10.1.53.64 and 9.0.227.0 are available.
Affected Products
- Adobe AIR 1.5.3.9130
- Adobe Flash CS3 Professional
- Adobe Flash CS4 Professional
- Adobe Flash CS5 Professional
- Adobe Flash Player 10.0.22.87
- Adobe Flash Player 9
- Adobe Flash Player 9.0.115.0
- Adobe Flash Player 9.0.124.0
- Adobe Flash Player 9.0.151 .0
- Adobe Flash Player 9.0.152 .0
- Adobe Flash Player 9.0.159.0
- Adobe Flash Player 9.0.246 0
- Adobe Flash Player 9.0.246.0
- Adobe Flash Player 9.0.260.0
- Adobe Flash Player 9.0.262
- Adobe Flash Player Plugin 10.0.12.10
- Adobe Flash Player Plugin 9.0.112.0
- Adobe Flash Player Plugin 9.0.124.0
- Adobe Flash Player Plugin 9.0.45.0
- Adobe Flex 3.0
- Adobe Flex 4.0
- Apple Mac OS X 10.5
- Apple Mac OS X 10.5.0
- Apple Mac OS X 10.5.1
- Apple Mac OS X 10.5.2
- Apple Mac OS X 10.5.3
- Apple Mac OS X 10.5.4
- Apple Mac OS X 10.5.5
- Apple Mac OS X 10.5.6
- Apple Mac OS X 10.5.7
- Apple Mac OS X 10.5.8
- Apple Mac OS X 10.6
- Apple Mac OS X 10.6.1
- Apple Mac OS X 10.6.2
- Apple Mac OS X 10.6.3
- Apple Mac OS X 10.6.4
- Apple Mac OS X Server 10.5
- Apple Mac OS X Server 10.5.0
- Apple Mac OS X Server 10.5.1
- Apple Mac OS X Server 10.5.2
- Apple Mac OS X Server 10.5.3
- Apple Mac OS X Server 10.5.4
- Apple Mac OS X Server 10.5.5
- Apple Mac OS X Server 10.5.6
- Apple Mac OS X Server 10.5.7
- Apple Mac OS X Server 10.5.8
- Apple Mac OS X Server 10.6
- Apple Mac OS X Server 10.6.1
- Apple Mac OS X Server 10.6.2
- Apple Mac OS X Server 10.6.3
- Apple Mac OS X Server 10.6.4
- Gentoo Linux
- HP Systems Insight Manager 5.0
- HP Systems Insight Manager 5.0 SP1
- HP Systems Insight Manager 5.0 SP2
- HP Systems Insight Manager 5.0 SP3
- HP Systems Insight Manager 5.0 SP5
- HP Systems Insight Manager 5.0 SP6
- HP Systems Insight Manager 5.1 SP1
- HP Systems Insight Manager 5.2 SP2
- HP Systems Insight Manager 5.3
- HP Systems Insight Manager 5.3 Update 1
- HP Systems Insight Manager 6.0.0.96
- HP Systems Insight Manager C 05.00.02
- HP Systems Insight Manager C.05.00.02
- Red Hat Enterprise Linux Desktop Supplementary 5 Client
- Red Hat Enterprise Linux Supplementary 5 Server
- SuSE Novell Linux Desktop 9.0.0
- SuSE openSUSE 10.2
- SuSE openSUSE 10.3
- SuSE openSUSE 11.0
- SuSE openSUSE 11.1
- SuSE openSUSE 11.2
- SuSE SUSE Linux Enterprise 10 SP3
- SuSE SUSE Linux Enterprise 11 SP1
- SuSE SUSE Linux Enterprise Desktop 10 SP1
- SuSE SUSE Linux Enterprise Desktop 10 SP2
- SuSE SUSE Linux Enterprise Desktop 10 SP3
- SuSE SUSE Linux Enterprise Desktop 11
- SuSE SUSE Linux Enterprise Desktop 11 SP1
References
- BugTraq: 31537
- CVE: CVE-2008-4546