Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:ADOBE:SWF-MAL-AS-RCE

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Adobe Flash Malicious ActionScript Remote Code Execution

Release Date

 2011/09/27

Update Number

 2000

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe Flash Malicious ActionScript Remote Code Execution


This signature detects attempts to exploit a known flaw in Adobe ActionScript 3. An attack can entice a user to load a Flash file with malicious ActionScript which can result in arbitrary code execution in the victim's browser.

Extended Description

Adobe Flash Player is prone to a remote stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

  • Adobe Flash Player 10
  • Adobe Flash Player 10.0.0.584
  • Adobe Flash Player 10.0.12.10
  • Adobe Flash Player 10.0.12 .35
  • Adobe Flash Player 10.0.12 .36
  • Adobe Flash Player 10.0.15 .3
  • Adobe Flash Player 10.0.22.87
  • Adobe Flash Player 10.0.32 18
  • Adobe Flash Player 10.0.32.18
  • Adobe Flash Player 10.0.42.34
  • Adobe Flash Player 10.0.45 2
  • Adobe Flash Player 10.0.45 2
  • Adobe Flash Player 10.0.45.2
  • Adobe Flash Player 10.1.102.64
  • Adobe Flash Player 10.1.102.65
  • Adobe Flash Player 10.1.105.6
  • Adobe Flash Player 10.1.106.16
  • Adobe Flash Player 10.1.51.66
  • Adobe Flash Player 10.1.52.14.1
  • Adobe Flash Player 10.1.52.15
  • Adobe Flash Player 10.1.53.64
  • Adobe Flash Player 10.1.82.76
  • Adobe Flash Player 10.1.85.3
  • Adobe Flash Player 10.1.92.10
  • Adobe Flash Player 10.1.92.10
  • Adobe Flash Player 10.1.92.8
  • Adobe Flash Player 10.1.95.1
  • Adobe Flash Player 10.1.95.2
  • Adobe Flash Player 10.1.95.2
  • Adobe Flash Player 10.1 Release Candidate
  • Adobe Flash Player 10.2.152
  • Adobe Flash Player 10.2.152.21
  • Adobe Flash Player 10.2.152.32
  • Adobe Flash Player 10.2.152.33
  • Adobe Flash Player 10.2.153.1
  • Adobe Flash Player 10.2.154.13
  • Adobe Flash Player 10.2.154.18
  • Adobe Flash Player 10.2.154.24
  • Adobe Flash Player 10.2.154.25
  • Adobe Flash Player 10.2.154.27
  • Adobe Flash Player 10.2.154.28
  • Adobe Flash Player 10.2.156.12
  • Adobe Flash Player 10.2.157.51
  • Adobe Flash Player 10.2.159.1
  • Adobe Flash Player 10.3.181.14
  • Adobe Flash Player 10.3.181.16
  • Adobe Flash Player 10.3.181.16
  • Adobe Flash Player 10.3.181.22
  • Adobe Flash Player 10.3.181.23
  • Adobe Flash Player 10.3.181.26
  • Adobe Flash Player 10.3.181.34
  • Adobe Flash Player 10.3.183.4
  • Adobe Flash Player 10.3.183.5
  • Adobe Flash Player 10.3.183.7
  • Adobe Flash Player 10.3.185.21
  • Adobe Flash Player 10.3.185.22
  • Adobe Flash Player 10.3.185.22
  • Adobe Flash Player 10.3.185.23
  • Adobe Flash Player 10.3.185.25
  • Adobe Flash Player 10.3.186.2
  • Adobe Flash Player 10.3.186.3
  • Adobe Flash Player 10.3.186.6
  • Adobe Flash Player 6.0.21.0
  • Adobe Flash Player 6.0.79
  • Adobe Flash Player 7
  • Adobe Flash Player 7
  • Adobe Flash Player 7.0.1
  • Adobe Flash Player 7.0.14.0
  • Adobe Flash Player 7.0.19.0
  • Adobe Flash Player 7.0.24.0
  • Adobe Flash Player 7.0.25
  • Adobe Flash Player 7.0.53.0
  • Adobe Flash Player 7.0.60.0
  • Adobe Flash Player 7.0.61.0
  • Adobe Flash Player 7.0.63
  • Adobe Flash Player 7.0.66.0
  • Adobe Flash Player 7.0.67.0
  • Adobe Flash Player 7.0.68.0
  • Adobe Flash Player 7.0.69.0
  • Adobe Flash Player 7.0.70.0
  • Adobe Flash Player 7.0.73.0
  • Adobe Flash Player 7.1
  • Adobe Flash Player 7.1.1
  • Adobe Flash Player 7.2
  • Adobe Flash Player 8
  • Adobe Flash Player 8
  • Adobe Flash Player 8.0.22.0
  • Adobe Flash Player 8.0.24.0
  • Adobe Flash Player 8.0.33.0
  • Adobe Flash Player 8.0.34.0
  • Adobe Flash Player 8.0.35.0
  • Adobe Flash Player 8.0.39.0
  • Adobe Flash Player 8.0.42.0
  • Adobe Flash Player 9
  • Adobe Flash Player 9.0.112.0
  • Adobe Flash Player 9.0.114.0
  • Adobe Flash Player 9.0.115.0
  • Adobe Flash Player 9.0.124.0
  • Adobe Flash Player 9.0.125.0
  • Adobe Flash Player 9.0.151 .0
  • Adobe Flash Player 9.0.152 .0
  • Adobe Flash Player 9.0.155.0
  • Adobe Flash Player 9.0.159.0
  • Adobe Flash Player 9.0.16
  • Adobe Flash Player 9.0.18D60
  • Adobe Flash Player 9.0.20
  • Adobe Flash Player 9.0.20.0
  • Adobe Flash Player 9.0.246 0
  • Adobe Flash Player 9.0.246.0
  • Adobe Flash Player 9.0.260.0
  • Adobe Flash Player 9.0.262
  • Adobe Flash Player 9.0.262.0
  • Adobe Flash Player 9.0.277.0
  • Adobe Flash Player 9.0.280
  • Adobe Flash Player 9.0.28.0
  • Adobe Flash Player 9.0.28.0
  • Adobe Flash Player 9.0.283.0
  • Adobe Flash Player 9.0.289.0
  • Adobe Flash Player 9.0.31.0
  • Adobe Flash Player 9.0.31.0
  • Adobe Flash Player 9.0.45.0
  • Adobe Flash Player 9.0.47.0
  • Adobe Flash Player 9.0.48.0
  • Adobe Flash Player 9.125.0
  • Avaya IR 4.0
  • Gentoo Linux
  • HP Systems Insight Manager 4.0
  • HP Systems Insight Manager 4.1
  • HP Systems Insight Manager 4.1 Sp1
  • HP Systems Insight Manager 4.2
  • HP Systems Insight Manager 4.2 SP1
  • HP Systems Insight Manager 4.2 SP2
  • HP Systems Insight Manager 5.0
  • HP Systems Insight Manager 5.0 SP1
  • HP Systems Insight Manager 5.0 SP2
  • HP Systems Insight Manager 5.0 SP3
  • HP Systems Insight Manager 5.0 SP5
  • HP Systems Insight Manager 5.0 SP6
  • HP Systems Insight Manager 5.1 SP1
  • HP Systems Insight Manager 5.2 SP2
  • HP Systems Insight Manager 5.3
  • HP Systems Insight Manager 5.3 Update 1
  • HP Systems Insight Manager 6.0
  • HP Systems Insight Manager 6.0.0.96
  • HP Systems Insight Manager 6.1
  • HP Systems Insight Manager 6.2
  • HP Systems Insight Manager 6.3
  • Red Hat Desktop Extras 4
  • Red Hat Enterprise Linux AS Extras 4
  • Red Hat Enterprise Linux Desktop Supplementary 5 Client
  • Red Hat Enterprise Linux Desktop Supplementary 6
  • Red Hat Enterprise Linux ES Extras 4
  • Red Hat Enterprise Linux Extras 4
  • Red Hat Enterprise Linux Server Supplementary 6
  • Red Hat Enterprise Linux Supplementary 5 Server
  • Red Hat Enterprise Linux Workstation Supplementary 6
  • Red Hat Enterprise Linux WS Extras 4
  • Research In Motion Blackberry PlayBook Tablet Software 1.0.5.2304
  • Research In Motion Blackberry PlayBook Tablet Software 1.0.5.2342
  • Research In Motion Blackberry PlayBook Tablet Software 1.0.6
  • Research In Motion Blackberry PlayBook Tablet Software 1.0.7.2942
  • Sun Solaris 10 Express
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 11 Express
  • SuSE SUSE Linux Enterprise Desktop 10 SP4
  • SuSE SUSE Linux Enterprise Desktop 11 SP1
  • Xerox FreeFlow Print Server (FFPS) 73.B3.61
  • Xerox FreeFlow Print Server (FFPS) 73.C0.41

References

  • BugTraq: 49715
  • CVE: CVE-2011-2427

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out