Signature Detail

HTTP: Adobe Flash Player Memory Corruption Denial of Service

This signature detects attempts to exploit a known flaw in Adobe Flash. A malformed SWF file can cause memory corruption, resulting in a Denial of Service (DoS).

Extended Description

Adobe Flash Player is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Flash Player versions prior to 10.2.152.21 are affected.

Affected Products

• Adobe Flash Player 10
• Adobe Flash Player 10.0.0.584
• Adobe Flash Player 10.0.12.10
• Adobe Flash Player 10.0.12 .35
• Adobe Flash Player 10.0.12 .36
• Adobe Flash Player 10.0.15 .3
• Adobe Flash Player 10.0.22.87
• Adobe Flash Player 10.0.32 18
• Adobe Flash Player 10.0.32.18
• Adobe Flash Player 10.0.42.34
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45.2
• Adobe Flash Player 10.1.102.64
• Adobe Flash Player 10.1.102.65
• Adobe Flash Player 10.1.105.6
• Adobe Flash Player 10.1.106.16
• Adobe Flash Player 10.1.51.66
• Adobe Flash Player 10.1.53.64
• Adobe Flash Player 10.1.82.76
• Adobe Flash Player 10.1.85.3
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.95.1
• Adobe Flash Player 10.1.95.2
• Adobe Flash Player 10.1 Release Candidate
• Gentoo Linux
• Google Chrome 8.0.549.0
• Google Chrome 8.0.550.0
• Google Chrome 8.0.551.0
• Google Chrome 8.0.551.1
• Google Chrome 8.0.552.0
• Google Chrome 8.0.552.1
• Google Chrome 8.0.552.10
• Google Chrome 8.0.552.100
• Google Chrome 8.0.552.101
• Google Chrome 8.0.552.102
• Google Chrome 8.0.552.103
• Google Chrome 8.0.552.104
• Google Chrome 8.0.552.105
• Google Chrome 8.0.552.11
• Google Chrome 8.0.552.12
• Google Chrome 8.0.552.13
• Google Chrome 8.0.552.14
• Google Chrome 8.0.552.15
• Google Chrome 8.0.552.16
• Google Chrome 8.0.552.17
• Google Chrome 8.0.552.18
• Google Chrome 8.0.552.19
• Google Chrome 8.0.552.2
• Google Chrome 8.0.552.20
• Google Chrome 8.0.552.200
• Google Chrome 8.0.552.201
• Google Chrome 8.0.552.202
• Google Chrome 8.0.552.203
• Google Chrome 8.0.552.204
• Google Chrome 8.0.552.205
• Google Chrome 8.0.552.206
• Google Chrome 8.0.552.207
• Google Chrome 8.0.552.208
• Google Chrome 8.0.552.209
• Google Chrome 8.0.552.21
• Google Chrome 8.0.552.210
• Google Chrome 8.0.552.211
• Google Chrome 8.0.552.212
• Google Chrome 8.0.552.213
• Google Chrome 8.0.552.214
• Google Chrome 8.0.552.215
• Google Chrome 8.0.552.215
• Google Chrome 8.0.552.216
• Google Chrome 8.0.552.217
• Google Chrome 8.0.552.218
• Google Chrome 8.0.552.219
• Google Chrome 8.0.552.220
• Google Chrome 8.0.552.221
• Google Chrome 8.0.552.222
• Google Chrome 8.0.552.223
• Google Chrome 8.0.552.224
• Google Chrome 8.0.552.225
• Google Chrome 8.0.552.226
• Google Chrome 8.0.552.237
• Google Chrome 8.0.552.300
• Google Chrome 8.0.552.301
• Google Chrome 8.0.552.302
• Google Chrome 8.0.552.303
• Google Chrome 8.0.552.304
• Google Chrome 8.0.552.305
• Google Chrome 8.0.552.306
• Google Chrome 8.0.552.307
• Google Chrome 8.0.552.308
• Google Chrome 8.0.552.309
• Google Chrome 8.0.552.310
• Google Chrome 9.0.597.84
• Red Hat Desktop Extras 4
• Red Hat Enterprise Linux AS Extras 4
• Red Hat Enterprise Linux Desktop Supplementary 6
• Red Hat Enterprise Linux ES Extras 4
• Red Hat Enterprise Linux Extras 4
• Red Hat Enterprise Linux Server Supplementary 6
• Red Hat Enterprise Linux Supplementary 5.6.Z server
• Red Hat Enterprise Linux Workstation Supplementary 6
• Red Hat Enterprise Linux WS Extras 4
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• SuSE openSUSE 11.2
• SuSE openSUSE 11.3
• SuSE SUSE Linux Enterprise Desktop 10 SP3
• SuSE SUSE Linux Enterprise Desktop 11 SP1

References

• BugTraq: 46188
• CVE: CVE-2011-0560