Signature Detail
Short Name |
HTTP:STC:ADOBE:SWF-INVALID-OBF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Flash Player Invalid Object Reference Code Execution |
Release Date |
2011/08/03 |
Update Number |
1966 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Flash Player Invalid Object Reference Code Execution
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.
Extended Description
Adobe Flash Player is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely crash the application, denying service to legitimate users. Versions prior to Flash Player 10.0.12.36 are vulnerable.
Affected Products
- Adobe AIR 1.5
- Adobe Flash CS3 Professional
- Adobe Flash CS4 Professional
- Adobe Flash Player 10
- Adobe Flash Player 10.0.12 .35
- Adobe Flash Player 10.0.12 .36
- Adobe Flash Player 10.0.15 .3
- Adobe Flash Player 7
- Adobe Flash Player 7.0.69.0
- Adobe Flash Player 7.0.70.0
- Adobe Flash Player 8.0.34.0
- Adobe Flash Player 8.0.35.0
- Adobe Flash Player 9
- Adobe Flash Player 9.0.115.0
- Adobe Flash Player 9.0.124.0
- Adobe Flash Player 9.0.151 .0
- Adobe Flash Player 9.0.152 .0
- Adobe Flash Player 9.0.28.0
- Adobe Flash Player 9.0.31.0
- Adobe Flash Player 9.0.45.0
- Adobe Flash Player 9.0.47.0
- Adobe Flash Player 9.0.48.0
- Adobe Flash Player Plugin 10.0.12.10
- Adobe Flash Player Plugin 7.0.25
- Adobe Flash Player Plugin 7.0.63
- Adobe Flash Player Plugin 8.0.0
- Adobe Flash Player Plugin 9.0.112.0
- Adobe Flash Player Plugin 9.0.124.0
- Adobe Flash Player Plugin 9.0.16
- Adobe Flash Player Plugin 9.0.18d60
- Adobe Flash Player Plugin 9.0.20 .0
- Adobe Flash Player Plugin 9.0.28 .0
- Adobe Flash Player Plugin 9.0.31 .0
- Adobe Flash Player Plugin 9.0.45.0
- Adobe Flex 3.0
- Apple Mac OS X 10.4.0
- Apple Mac OS X 10.4.1
- Apple Mac OS X 10.4.10
- Apple Mac OS X 10.4.11
- Apple Mac OS X 10.4.2
- Apple Mac OS X 10.4.3
- Apple Mac OS X 10.4.4
- Apple Mac OS X 10.4.5
- Apple Mac OS X 10.4.6
- Apple Mac OS X 10.4.7
- Apple Mac OS X 10.4.8
- Apple Mac OS X 10.4.9
- Apple Mac OS X 10.5
- Apple Mac OS X 10.5.1
- Apple Mac OS X 10.5.2
- Apple Mac OS X 10.5.3
- Apple Mac OS X 10.5.4
- Apple Mac OS X 10.5.5
- Apple Mac OS X 10.5.6
- Apple Mac OS X Server 10.4.0
- Apple Mac OS X Server 10.4.1
- Apple Mac OS X Server 10.4.10
- Apple Mac OS X Server 10.4.11
- Apple Mac OS X Server 10.4.2
- Apple Mac OS X Server 10.4.3
- Apple Mac OS X Server 10.4.4
- Apple Mac OS X Server 10.4.5
- Apple Mac OS X Server 10.4.6
- Apple Mac OS X Server 10.4.7
- Apple Mac OS X Server 10.4.8
- Apple Mac OS X Server 10.4.9
- Apple Mac OS X Server 10.5
- Apple Mac OS X Server 10.5.1
- Apple Mac OS X Server 10.5.2
- Apple Mac OS X Server 10.5.3
- Apple Mac OS X Server 10.5.4
- Apple Mac OS X Server 10.5.5
- Apple Mac OS X Server 10.5.6
- Avaya Interactive Response 2.0
- Avaya Interactive Response 3.0
- Avaya Interactive Response 4.0
- Gentoo Linux
- Nortel Networks Self-Service - CCSS7
- Nortel Networks Self-Service MPS 1000
- Nortel Networks Self-Service Peri Application
- Nortel Networks Self-Service Peri Workstation
- Pardus Linux 2008
- Red Hat Desktop Extras 3
- Red Hat Desktop Extras 4
- Red Hat Enterprise Linux AS Extras 3
- Red Hat Enterprise Linux AS Extras 4
- Red Hat Enterprise Linux Desktop Supplementary 5 Client
- Red Hat Enterprise Linux ES Extras 3
- Red Hat Enterprise Linux ES Extras 4
- Red Hat Enterprise Linux Extras 3
- Red Hat Enterprise Linux Extras 4
- Red Hat Enterprise Linux Supplementary 5 Server
- Red Hat Enterprise Linux WS Extras 3
- Red Hat Enterprise Linux WS Extras 4
- Sun OpenSolaris Build Snv 01
- Sun OpenSolaris Build Snv 02
- Sun OpenSolaris Build Snv 100
- Sun OpenSolaris Build Snv 101
- Sun OpenSolaris Build Snv 101A
- Sun OpenSolaris Build Snv 102
- Sun OpenSolaris Build Snv 103
- Sun OpenSolaris Build Snv 104
- Sun OpenSolaris Build Snv 105
- Sun OpenSolaris Build Snv 106
- Sun OpenSolaris Build Snv 107
- Sun OpenSolaris Build Snv 108
- Sun OpenSolaris Build Snv 109
- Sun OpenSolaris Build Snv 110
- Sun OpenSolaris Build Snv 13
- Sun OpenSolaris Build Snv 19
- Sun OpenSolaris Build Snv 22
- Sun OpenSolaris Build Snv 29
- Sun OpenSolaris Build Snv 36
- Sun OpenSolaris Build Snv 39
- Sun OpenSolaris Build Snv 45
- Sun OpenSolaris Build Snv 47
- Sun OpenSolaris Build Snv 50
- Sun OpenSolaris Build Snv 57
- Sun OpenSolaris Build Snv 59
- Sun OpenSolaris Build Snv 61
- Sun OpenSolaris Build Snv 64
- Sun OpenSolaris Build Snv 67
- Sun OpenSolaris Build Snv 68
- Sun OpenSolaris Build Snv 76
- Sun OpenSolaris Build Snv 77
- Sun OpenSolaris Build Snv 78
- Sun OpenSolaris Build Snv 80
- Sun OpenSolaris Build Snv 81
- Sun OpenSolaris Build Snv 82
- Sun OpenSolaris Build Snv 83
- Sun OpenSolaris Build Snv 84
- Sun OpenSolaris Build Snv 85
- Sun OpenSolaris Build Snv 86
- Sun OpenSolaris Build Snv 87
- Sun OpenSolaris Build Snv 88
- Sun OpenSolaris Build Snv 89
- Sun OpenSolaris Build Snv 90
- Sun OpenSolaris Build Snv 91
- Sun OpenSolaris Build Snv 92
- Sun OpenSolaris Build Snv 93
- Sun OpenSolaris Build Snv 94
- Sun OpenSolaris Build Snv 95
- Sun OpenSolaris Build Snv 96
- Sun OpenSolaris Build Snv 99
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
- SuSE Novell Linux Desktop 9.0.0
- SuSE openSUSE 10.3
- SuSE openSUSE 11.0
- SuSE openSUSE 11.1
- SuSE SUSE Linux Enterprise Desktop 10 SP2
- Turbolinux Client 2008
- Turbolinux FUJI
- Turbolinux wizpy
References
- BugTraq: 33880
- CVE: CVE-2009-0520