Signature Detail

HTTP: Adobe Flash Player DefineFont Remote Code Execution (CVE-2011-0626)

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Flash Player is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

• Adobe Flash CS4 Professional
• Adobe Flash CS5 Professional
• Adobe Flash Player 10
• Adobe Flash Player 10.0.0.584
• Adobe Flash Player 10.0.12.10
• Adobe Flash Player 10.0.12 .35
• Adobe Flash Player 10.0.12 .36
• Adobe Flash Player 10.0.15 .3
• Adobe Flash Player 10.0.22.87
• Adobe Flash Player 10.0.32 18
• Adobe Flash Player 10.0.32.18
• Adobe Flash Player 10.0.42.34
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45.2
• Adobe Flash Player 10.1.102.64
• Adobe Flash Player 10.1.102.65
• Adobe Flash Player 10.1.105.6
• Adobe Flash Player 10.1.106.16
• Adobe Flash Player 10.1.51.66
• Adobe Flash Player 10.1.53.64
• Adobe Flash Player 10.1.82.76
• Adobe Flash Player 10.1.85.3
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.95.1
• Adobe Flash Player 10.1.95.2
• Adobe Flash Player 10.1 Release Candidate
• Adobe Flash Player 10.2.152.21
• Adobe Flash Player 10.2.152.33
• Adobe Flash Player 10.2.153.1
• Adobe Flash Player 10.2.154.13
• Adobe Flash Player 10.2.154.18
• Adobe Flash Player 10.2.154.24
• Adobe Flash Player 10.2.154.25
• Adobe Flash Player 10.2.154.27
• Adobe Flash Player 10.2.154.28
• Adobe Flash Player 10.2.156.12
• Adobe Flash Player 10.2.157.51
• Adobe Flash Player 10.2.159.1
• Adobe Flash Player 9
• Adobe Flash Player 9.0.112.0
• Adobe Flash Player 9.0.114.0
• Adobe Flash Player 9.0.115.0
• Adobe Flash Player 9.0.124.0
• Adobe Flash Player 9.0.125.0
• Adobe Flash Player 9.0.151 .0
• Adobe Flash Player 9.0.152 .0
• Adobe Flash Player 9.0.159.0
• Adobe Flash Player 9.0.16
• Adobe Flash Player 9.0.18D60
• Adobe Flash Player 9.0.20
• Adobe Flash Player 9.0.20.0
• Adobe Flash Player 9.0.246 0
• Adobe Flash Player 9.0.246.0
• Adobe Flash Player 9.0.260.0
• Adobe Flash Player 9.0.262
• Adobe Flash Player 9.0.277.0
• Adobe Flash Player 9.0.280
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.289.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.45.0
• Adobe Flash Player 9.0.47.0
• Adobe Flash Player 9.0.48.0
• Adobe Flash Player 9.125.0
• Gentoo Linux
• Red Hat Enterprise Linux Desktop Supplementary 5 Client
• Red Hat Enterprise Linux Desktop Supplementary 6
• Red Hat Enterprise Linux Server Supplementary 6
• Red Hat Enterprise Linux Supplementary 5 Server
• Red Hat Enterprise Linux Workstation Supplementary 6
• Research In Motion Blackberry PlayBook Tablet Software 1.0.5.2342
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• Sun Solaris 11 Express
• SuSE openSUSE 11.3
• SuSE openSUSE 11.4
• SuSE SUSE Linux Enterprise Desktop 10 SP4
• SuSE SUSE Linux Enterprise Desktop 11 SP1
• Xerox FreeFlow Print Server (FFPS) 73.A3.31
• Xerox FreeFlow Print Server (FFPS) 73.B0.73

References

• BugTraq: 47814
• CVE: CVE-2011-0626