Signature Detail

HTTP: Adobe Flash Player ActionScript 3 Dynamic Calculation Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Flash Player is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

• Adobe AIR 2.6
• Adobe AIR 2.6.19120
• Adobe AIR 2.6.19140
• Adobe AIR 2.7
• Adobe Flash Player 10
• Adobe Flash Player 10.0.0.584
• Adobe Flash Player 10.0.12.10
• Adobe Flash Player 10.0.12 .35
• Adobe Flash Player 10.0.12 .36
• Adobe Flash Player 10.0.15 .3
• Adobe Flash Player 10.0.22.87
• Adobe Flash Player 10.0.32 18
• Adobe Flash Player 10.0.32.18
• Adobe Flash Player 10.0.42.34
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45.2
• Adobe Flash Player 10.1.102.64
• Adobe Flash Player 10.1.102.65
• Adobe Flash Player 10.1.105.6
• Adobe Flash Player 10.1.106.16
• Adobe Flash Player 10.1.51.66
• Adobe Flash Player 10.1.52.14.1
• Adobe Flash Player 10.1.52.15
• Adobe Flash Player 10.1.53.64
• Adobe Flash Player 10.1.82.76
• Adobe Flash Player 10.1.85.3
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.92.8
• Adobe Flash Player 10.1.95.1
• Adobe Flash Player 10.1.95.2
• Adobe Flash Player 10.1.95.2
• Adobe Flash Player 10.1 Release Candidate
• Adobe Flash Player 10.2.152
• Adobe Flash Player 10.2.152.21
• Adobe Flash Player 10.2.152.32
• Adobe Flash Player 10.2.152.33
• Adobe Flash Player 10.2.153.1
• Adobe Flash Player 10.2.154.13
• Adobe Flash Player 10.2.154.18
• Adobe Flash Player 10.2.154.24
• Adobe Flash Player 10.2.154.25
• Adobe Flash Player 10.2.154.27
• Adobe Flash Player 10.2.154.28
• Adobe Flash Player 10.2.156.12
• Adobe Flash Player 10.2.157.51
• Adobe Flash Player 10.2.159.1
• Adobe Flash Player 10.3.181.14
• Adobe Flash Player 10.3.181.16
• Adobe Flash Player 10.3.181.16
• Adobe Flash Player 10.3.181.22
• Adobe Flash Player 10.3.181.23
• Adobe Flash Player 10.3.181.26
• Adobe Flash Player 10.3.181.34
• Adobe Flash Player 10.3.185.21
• Adobe Flash Player 10.3.185.22
• Adobe Flash Player 10.3.185.22
• Adobe Flash Player 10.3.185.23
• Adobe Flash Player 10.3.185.25
• Adobe Flash Player 8
• Adobe Flash Player 8
• Adobe Flash Player 8.0.22.0
• Adobe Flash Player 8.0.24.0
• Adobe Flash Player 8.0.33.0
• Adobe Flash Player 8.0.34.0
• Adobe Flash Player 8.0.35.0
• Adobe Flash Player 8.0.39.0
• Adobe Flash Player 8.0.42.0
• Adobe Flash Player 9
• Adobe Flash Player 9.0.112.0
• Adobe Flash Player 9.0.114.0
• Adobe Flash Player 9.0.115.0
• Adobe Flash Player 9.0.124.0
• Adobe Flash Player 9.0.125.0
• Adobe Flash Player 9.0.151 .0
• Adobe Flash Player 9.0.152 .0
• Adobe Flash Player 9.0.155.0
• Adobe Flash Player 9.0.159.0
• Adobe Flash Player 9.0.16
• Adobe Flash Player 9.0.18D60
• Adobe Flash Player 9.0.20
• Adobe Flash Player 9.0.20.0
• Adobe Flash Player 9.0.246 0
• Adobe Flash Player 9.0.246.0
• Adobe Flash Player 9.0.260.0
• Adobe Flash Player 9.0.262
• Adobe Flash Player 9.0.262.0
• Adobe Flash Player 9.0.277.0
• Adobe Flash Player 9.0.280
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.283.0
• Adobe Flash Player 9.0.289.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.45.0
• Adobe Flash Player 9.0.47.0
• Adobe Flash Player 9.0.48.0
• Adobe Flash Player 9.125.0
• Avaya Interactive Response 4.0
• Gentoo Linux
• Google Chrome 10
• Google Chrome 10.0.648.127
• Google Chrome 10.0.648.127
• Google Chrome 10.0.648.128
• Google Chrome 10.0.648.133
• Google Chrome 10.0.648.204
• Google Chrome 10.0.648.205
• Google Chrome 10.0.648.205
• Google Chrome 10.0.648.205
• Google Chrome 11
• Google Chrome 11.0.672.2
• Google Chrome 11.0.696.43
• Google Chrome 11.0.696.43
• Google Chrome 11.0.696.57
• Google Chrome 11.0.696.65
• Google Chrome 11.0.696.68
• Google Chrome 11.0.696.71
• Google Chrome 11.0.696.77
• Google Chrome 12
• Google Chrome 12.0.742.100
• Google Chrome 12.0.742.112
• Google Chrome 12.0.742.91
• Google Chrome 13
• Google Chrome 13.0.782.107
• Google Chrome 9.0.597.107
• Google Chrome 9.0.597.84
• Google Chrome 9.0.597.94
• HP Systems Insight Manager 4.0
• HP Systems Insight Manager 4.1
• HP Systems Insight Manager 4.1 Sp1
• HP Systems Insight Manager 4.2
• HP Systems Insight Manager 4.2 SP1
• HP Systems Insight Manager 4.2 SP2
• HP Systems Insight Manager 5.0
• HP Systems Insight Manager 5.0 SP1
• HP Systems Insight Manager 5.0 SP2
• HP Systems Insight Manager 5.0 SP3
• HP Systems Insight Manager 5.0 SP5
• HP Systems Insight Manager 5.0 SP6
• HP Systems Insight Manager 5.1 SP1
• HP Systems Insight Manager 5.2 SP2
• HP Systems Insight Manager 5.3
• HP Systems Insight Manager 5.3 Update 1
• HP Systems Insight Manager 6.0
• HP Systems Insight Manager 6.0.0.96
• HP Systems Insight Manager 6.1
• HP Systems Insight Manager 6.2
• HP Systems Insight Manager 6.3
• Red Hat Desktop Extras 4
• Red Hat Enterprise Linux AS Extras 4
• Red Hat Enterprise Linux Desktop Supplementary 5 Client
• Red Hat Enterprise Linux Desktop Supplementary 6
• Red Hat Enterprise Linux ES Extras 4
• Red Hat Enterprise Linux Extras 4
• Red Hat Enterprise Linux Server Supplementary 6
• Red Hat Enterprise Linux Supplementary 5 Server
• Red Hat Enterprise Linux Workstation Supplementary 6
• Red Hat Enterprise Linux WS Extras 4
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• Sun Solaris 11 Express
• SuSE openSUSE 11.3
• SuSE openSUSE 11.4
• SuSE SUSE Linux Enterprise Desktop 10 SP4
• SuSE SUSE Linux Enterprise Desktop 11 SP1
• Xerox FreeFlow Print Server (FFPS) 73.B3.61
• Xerox FreeFlow Print Server (FFPS) 73.C0.41

References

• BugTraq: 49079
• CVE: CVE-2011-2136
• CVE: CVE-2011-2416