Signature Detail

HTTP: Adobe Flash Player Integer Overflow Remote Denial of Service Vulnerability

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can result in a denial-of-service condition.

Extended Description

Adobe Flash Player is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected application to stop responding or crash. Due to the nature of this issue, arbitrary code-execution may be possible; this has not been confirmed. NOTE: This issue was previously discussed in BID 44669 (Adobe Flash Player APSB10-26 Multiple Remote Vulnerabilities), but has been given its own record to better document it.

Affected Products

• Adobe AIR 1.0
• Adobe AIR 1.01
• Adobe AIR 1.1
• Adobe AIR 1.5
• Adobe AIR 1.5.1
• Adobe AIR 1.5.2
• Adobe AIR 1.5.3
• Adobe AIR 1.5.3.9120
• Adobe AIR 1.5.3.9130
• Adobe AIR 2.0.2
• Adobe AIR 2.0.2.12610
• Adobe AIR 2.0.3
• Adobe AIR 2.0.3
• Adobe AIR 2.0.4
• Adobe Flash Player 10
• Adobe Flash Player 10.0.0.584
• Adobe Flash Player 10.0.12.10
• Adobe Flash Player 10.0.12 .35
• Adobe Flash Player 10.0.12 .36
• Adobe Flash Player 10.0.15 .3
• Adobe Flash Player 10.0.22.87
• Adobe Flash Player 10.0.32 18
• Adobe Flash Player 10.0.32.18
• Adobe Flash Player 10.0.42.34
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45 2
• Adobe Flash Player 10.0.45.2
• Adobe Flash Player 10.1.51.66
• Adobe Flash Player 10.1.53.64
• Adobe Flash Player 10.1.82.76
• Adobe Flash Player 10.1.85.3
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.92.10
• Adobe Flash Player 10.1.95.1
• Adobe Flash Player 10.1.95.2
• Adobe Flash Player 10.1 Release Candidate
• Adobe Flash Player 9
• Adobe Flash Player 9.0.112.0
• Adobe Flash Player 9.0.114.0
• Adobe Flash Player 9.0.115.0
• Adobe Flash Player 9.0.124.0
• Adobe Flash Player 9.0.125.0
• Adobe Flash Player 9.0.151 .0
• Adobe Flash Player 9.0.152 .0
• Adobe Flash Player 9.0.159.0
• Adobe Flash Player 9.0.16
• Adobe Flash Player 9.0.18D60
• Adobe Flash Player 9.0.20
• Adobe Flash Player 9.0.20.0
• Adobe Flash Player 9.0.246 0
• Adobe Flash Player 9.0.246.0
• Adobe Flash Player 9.0.260.0
• Adobe Flash Player 9.0.262
• Adobe Flash Player 9.0.277.0
• Adobe Flash Player 9.0.280
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.45.0
• Adobe Flash Player 9.0.47.0
• Adobe Flash Player 9.0.48.0
• Adobe Flash Player 9.125.0
• Apple Mac OS X 10.5
• Apple Mac OS X 10.5.0
• Apple Mac OS X 10.5.1
• Apple Mac OS X 10.5.2
• Apple Mac OS X 10.5.3
• Apple Mac OS X 10.5.4
• Apple Mac OS X 10.5.5
• Apple Mac OS X 10.5.6
• Apple Mac OS X 10.5.7
• Apple Mac OS X 10.5.8
• Apple Mac OS X 10.6
• Apple Mac OS X 10.6.1
• Apple Mac OS X 10.6.2
• Apple Mac OS X 10.6.3
• Apple Mac OS X 10.6.4
• Apple Mac OS X Server 10.5
• Apple Mac OS X Server 10.5.0
• Apple Mac OS X Server 10.5.1
• Apple Mac OS X Server 10.5.2
• Apple Mac OS X Server 10.5.3
• Apple Mac OS X Server 10.5.4
• Apple Mac OS X Server 10.5.5
• Apple Mac OS X Server 10.5.6
• Apple Mac OS X Server 10.5.7
• Apple Mac OS X Server 10.5.8
• Apple Mac OS X Server 10.6
• Apple Mac OS X Server 10.6.1
• Apple Mac OS X Server 10.6.2
• Apple Mac OS X Server 10.6.3
• Apple Mac OS X Server 10.6.4
• Gentoo Linux
• HP Systems Insight Manager 6.0
• HP Systems Insight Manager 6.0.0.96
• HP Systems Insight Manager 6.1
• HP Systems Insight Manager 6.2
• Red Hat Desktop Extras 4
• Red Hat Enterprise Linux AS Extras 4
• Red Hat Enterprise Linux Desktop Supplementary 5 Client
• Red Hat Enterprise Linux ES Extras 4
• Red Hat Enterprise Linux Extras 4
• Red Hat Enterprise Linux Supplementary 5 Server
• Red Hat Enterprise Linux WS Extras 4
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• Sun Solaris 11
• Sun Solaris 11 Express
• SuSE openSUSE 11.1
• SuSE openSUSE 11.2
• SuSE openSUSE 11.3
• SuSE SUSE Linux Enterprise Desktop 11
• SuSE SUSE Linux Enterprise Desktop 11 SP1

References

• BugTraq: 44692
• CVE: CVE-2010-3639
• URL: http://www.adobe.com/products/flash/