Signature Detail

HTTP: Adobe Flash Player for Linux ActionScript ASnative Command Execution

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary command execution.

Extended Description

Adobe Flash Player is prone to a remote command-execution vulnerability due to a failure to validate user supplied input to an internal function. Remote attackers may exploit this vulnerability to compromise an affected computer. This issue affects Flash Player on Linux platforms. Versions prior to Flash Player 10.0.15.3 and 9.0.152.0 are vulnerable.

Affected Products

• Adobe flash_player 10
• Adobe flash_player 10.0.12 .35
• Adobe flash_player 10.0.12 .36
• Adobe flash_player 7
• Adobe flash_player 7.0.69.0
• Adobe flash_player 7.0.70.0
• Adobe flash_player 8.0.34.0
• Adobe flash_player 8.0.35.0
• Adobe flash_player 9
• Adobe flash_player 9.0.115.0
• Adobe flash_player 9.0.124.0
• Adobe flash_player 9.0.151 .0
• Adobe flash_player 9.0.28.0
• Adobe flash_player 9.0.31.0
• Adobe flash_player 9.0.45.0
• Adobe flash_player 9.0.47.0
• Adobe flash_player 9.0.48.0
• Gentoo linux
• Pardus linux_2007
• Pardus linux_2008
• Red_hat desktop_extras 3
• Red_hat desktop_extras 4
• Red_hat enterprise_linux_as_extras 3
• Red_hat enterprise_linux_as_extras 4
• Red_hat enterprise_linux_desktop_supplementary 5 Client
• Red_hat enterprise_linux_es_extras 3
• Red_hat enterprise_linux_es_extras 4
• Red_hat enterprise_linux_extras 3
• Red_hat enterprise_linux_extras 4
• Red_hat enterprise_linux_supplementary 5 Server
• Red_hat enterprise_linux_ws_extras 3
• Red_hat enterprise_linux_ws_extras 4
• Suse novell_linux_desktop 9.0.0
• Suse opensuse 10.3
• Suse opensuse 11.0
• Suse opensuse 11.1
• Suse suse_linux_enterprise_desktop 10 SP2
• Turbolinux client 2008
• Turbolinux fuji
• Turbolinux wizpy

References

• BugTraq: 32896
• CVE: CVE-2008-5499