Signature Detail

HTTP: Adobe Flash Player FLV appendBytes Function Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Flash Player is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

• Adobe air 1.0
• Adobe air 1.01
• Adobe air 1.1
• Adobe air 1.5
• Adobe air 1.5.1
• Adobe air 1.5.2
• Adobe air 1.5.3
• Adobe air 1.5.3.9120
• Adobe air 1.5.3.9130
• Adobe air 2.0.2
• Adobe air 2.0.2.12610
• Adobe air 2.0.3
• Adobe air 2.0.3
• Adobe air 2.0.4
• Adobe air 2.5.1
• Adobe air 2.6
• Adobe air 2.6.19120
• Adobe air 2.6.19140
• Adobe air 2.7
• Adobe air 2.7.1
• Adobe air 2.7.1.1961
• Adobe air 3.0
• Adobe air 3.1.0.4880
• Adobe flash_player 10.1.102.64
• Adobe flash_player 10.1.102.65
• Adobe flash_player 11.1.102.55
• Adobe flash_player 11.1.102.62
• Adobe flash_player 11.1.102.63
• Adobe flash_player 11.1.111.5
• Adobe flash_player 11.1.111.6
• Adobe flash_player 11.1.111.7
• Gentoo linux
• Red_hat enterprise_linux_desktop_supplementary 5 Client
• Red_hat enterprise_linux_desktop_supplementary 6
• Red_hat enterprise_linux_server_supplementary 6
• Red_hat enterprise_linux_supplementary 5 Server
• Red_hat enterprise_linux_workstation_supplementary 6
• Research_in_motion blackberry_playbook_tablet_software 2.0.1.358
• Suse opensuse 11.4
• Suse opensuse 12.1
• Suse suse_linux_enterprise_desktop 10 SP4
• Suse suse_linux_enterprise_desktop 11 SP1
• Suse suse_linux_enterprise_desktop 11 SP2

References

• BugTraq: 52748
• CVE: CVE-2012-0773