Signature Detail

HTTP: Adobe Flash Player Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Flash Player is prone to a remote code-execution vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the victim running the vulnerable application. Adobe Flash Player 9.0.45.0 and earlier, 8.0.34.0 and earlier, and 7.0.69.0 and earlier are affected.

Affected Products

• Adobe Flash Player 7.0.69.0
• Adobe Flash Player 8.0.34.0
• Adobe Flash Player 9.0.28.0
• Adobe Flash Player 9.0.31.0
• Adobe Flash Player 9.0.45.0
• Adobe Flash Player Plugin 7.0.25
• Adobe Flash Player Plugin 7.0.63
• Adobe Flash Player Plugin 8.0.0
• Adobe Flash Player Plugin 9.0.16
• Adobe Flash Player Plugin 9.0.18d60
• Adobe Flash Player Plugin 9.0.20 .0
• Adobe Flash Player Plugin 9.0.28 .0
• Adobe Flash Player Plugin 9.0.31 .0
• Apple Mac OS X 10.3.0
• Apple Mac OS X 10.3.1
• Apple Mac OS X 10.3.2
• Apple Mac OS X 10.3.3
• Apple Mac OS X 10.3.4
• Apple Mac OS X 10.3.5
• Apple Mac OS X 10.3.6
• Apple Mac OS X 10.3.7
• Apple Mac OS X 10.3.8
• Apple Mac OS X 10.3.9
• Apple Mac OS X 10.4.0
• Apple Mac OS X 10.4.1
• Apple Mac OS X 10.4.10
• Apple Mac OS X 10.4.2
• Apple Mac OS X 10.4.3
• Apple Mac OS X 10.4.4
• Apple Mac OS X 10.4.5
• Apple Mac OS X 10.4.6
• Apple Mac OS X 10.4.7
• Apple Mac OS X 10.4.8
• Apple Mac OS X 10.4.9
• Apple Mac OS X Server 10.3.0
• Apple Mac OS X Server 10.3.1
• Apple Mac OS X Server 10.3.2
• Apple Mac OS X Server 10.3.3
• Apple Mac OS X Server 10.3.4
• Apple Mac OS X Server 10.3.5
• Apple Mac OS X Server 10.3.6
• Apple Mac OS X Server 10.3.7
• Apple Mac OS X Server 10.3.8
• Apple Mac OS X Server 10.3.9
• Apple Mac OS X Server 10.4.0
• Apple Mac OS X Server 10.4.1
• Apple Mac OS X Server 10.4.10
• Apple Mac OS X Server 10.4.2
• Apple Mac OS X Server 10.4.3
• Apple Mac OS X Server 10.4.4
• Apple Mac OS X Server 10.4.5
• Apple Mac OS X Server 10.4.6
• Apple Mac OS X Server 10.4.7
• Apple Mac OS X Server 10.4.8
• Apple Mac OS X Server 10.4.9
• Foresight Linux 1.1
• Gentoo Linux
• Macromedia Flash 7.0.0 r19
• Macromedia Flash 7.0.19 .0
• Macromedia Flash 7.0.25 .0
• Macromedia Flash 7.0.60 .0
• Macromedia Flash 7.0.61 .0
• Macromedia Flash 7.0.63.0
• Macromedia Flash 7.0.66.0
• Macromedia Flash 7.0.68.0
• Macromedia Flash 8.0
• Macromedia Flash 8.0.22 .0
• Macromedia Flash 8.0.24.0
• Macromedia Flash 8.0.33.0
• Nintendo Nintendo Wii
• Red Hat Enterprise Linux Desktop Supplementary 5 Client
• Red Hat Enterprise Linux Extras 3
• Red Hat Enterprise Linux Extras 4
• Red Hat Enterprise Linux Supplementary 5 Server
• Sun Solaris 10 Sparc
• Sun Solaris 10 X86
• SuSE Linux 10.0 Ppc
• SuSE Linux 10.0 X86
• SuSE Linux 10.0 X86-64
• SuSE Linux 10.1 Ppc
• SuSE Linux 10.1 X86
• SuSE Linux 10.1 X86-64
• SuSE Linux Desktop 1.0.0
• SuSE Linux Personal 10.0.0 OSS
• SuSE Linux Personal 10.1
• SuSE Linux Professional 10.0.0
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 10.1
• SuSE Novell Linux Desktop 9.0.0
• SuSE openSUSE 10.2
• SuSE SUSE Linux Enterprise Server 10 SP1
• SuSE SUSE Linux Enterprise Server 8
• SuSE SuSE Linux Openexchange Server 4.0.0
• SuSE SUSE LINUX Retail Solution 8.0.0
• SuSE SuSE Linux School Server for i386
• SuSE SuSE Linux Standard Server 8.0.0
• SuSE UnitedLinux 1.0.0
• Turbolinux FUJI
• Turbolinux wizpy

References

• BugTraq: 24856
• CVE: CVE-2007-3456