Signature Detail
Short Name |
HTTP:STC:ADOBE:TEXT-NETCONNECT |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Flash Player Race Condition Between Text Drawing And NetConnection Object |
Release Date |
2013/11/25 |
Update Number |
2322 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Flash Player Race Condition Between Text Drawing And NetConnection Object
This signature detects attempts to exploit a known vulnerability in the Adobe Acrobat Reader. A successful attack can lead to a user after free condition and arbitrary remote code execution within the context of the user.
Extended Description
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3362, CVE-2013-3363, and CVE-2013-5324.
Affected Products
- adobe adobe_air 3.0.0.408
- adobe adobe_air 3.0.0.4080
- adobe adobe_air 3.1.0.485
- adobe adobe_air 3.1.0.488
- adobe adobe_air 3.1.0.4880
- adobe adobe_air 3.2.0.207
- adobe adobe_air 3.2.0.2070
- adobe adobe_air 3.3.0.3670
- adobe adobe_air 3.4.0.2540
- adobe adobe_air 3.4.0.2710
- adobe adobe_air 3.5.0.1060
- adobe adobe_air 3.5.0.600
- adobe adobe_air 3.5.0.880
- adobe adobe_air 3.5.0.890
- adobe adobe_air 3.6.0.597
- adobe adobe_air 3.6.0.6090
- adobe adobe_air 3.7.0.1530
- adobe adobe_air 3.7.0.1860
- adobe adobe_air 3.7.0.2090
- adobe adobe_air up to 3.8.0.870
- adobe adobe_air up to 3.8.0.910
- adobe adobe_air_sdk 3.0.0.4080
- adobe adobe_air_sdk 3.1.0.488
- adobe adobe_air_sdk 3.2.0.2070
- adobe adobe_air_sdk 3.3.0.3650
- adobe adobe_air_sdk 3.3.0.3690
- adobe adobe_air_sdk 3.4.0.2540
- adobe adobe_air_sdk 3.4.0.2710
- adobe adobe_air_sdk 3.5.0.1060
- adobe adobe_air_sdk 3.5.0.600
- adobe adobe_air_sdk 3.5.0.880
- adobe adobe_air_sdk 3.5.0.890
- adobe adobe_air_sdk 3.6.0.599
- adobe adobe_air_sdk 3.6.0.6090
- adobe adobe_air_sdk 3.7.0.1530
- adobe adobe_air_sdk 3.7.0.1860
- adobe adobe_air_sdk 3.7.0.2090
- adobe adobe_air_sdk up to 3.8.0.870
- adobe adobe_air_sdk up to 3.8.0.910
- adobe flash_player 11.0
- adobe flash_player 11.0.1.152
- adobe flash_player 11.0.1.153
- adobe flash_player 11.1
- adobe flash_player 11.1.102.55
- adobe flash_player 11.1.102.59
- adobe flash_player 11.1.102.62
- adobe flash_player 11.1.102.63
- adobe flash_player 11.1.111.44
- adobe flash_player 11.1.111.50
- adobe flash_player 11.1.111.54
- adobe flash_player 11.1.111.8
- adobe flash_player 11.1.115.34
- adobe flash_player 11.1.115.48
- adobe flash_player 11.1.115.54
- adobe flash_player 11.1.115.58
- adobe flash_player 11.1.115.63
- adobe flash_player 11.1.115.7
- adobe flash_player 11.2.202.223
- adobe flash_player 11.2.202.228
- adobe flash_player 11.2.202.233
- adobe flash_player 11.2.202.235
- adobe flash_player 11.2.202.236
- adobe flash_player 11.2.202.238
- adobe flash_player 11.2.202.243
- adobe flash_player 11.2.202.251
- adobe flash_player 11.2.202.258
- adobe flash_player 11.2.202.261
- adobe flash_player 11.2.202.262
- adobe flash_player 11.2.202.270
- adobe flash_player 11.2.202.273
- adobe flash_player 11.2.202.275
- adobe flash_player 11.2.202.280
- adobe flash_player 11.2.202.285
- adobe flash_player 11.2.202.291
- adobe flash_player 11.3.300.257
- adobe flash_player 11.3.300.262
- adobe flash_player 11.3.300.265
- adobe flash_player 11.3.300.268
- adobe flash_player 11.3.300.270
- adobe flash_player 11.3.300.271
- adobe flash_player 11.3.300.273
- adobe flash_player 11.4.402.265
- adobe flash_player 11.4.402.278
- adobe flash_player 11.4.402.287
- adobe flash_player 11.5.502.110
- adobe flash_player 11.5.502.135
- adobe flash_player 11.5.502.136
- adobe flash_player 11.5.502.146
- adobe flash_player 11.5.502.149
- adobe flash_player 11.6.602.167
- adobe flash_player 11.6.602.168
- adobe flash_player 11.6.602.171
- adobe flash_player 11.6.602.180
- adobe flash_player 11.7.700.169
- adobe flash_player 11.7.700.202
- adobe flash_player 11.7.700.224
- adobe flash_player 11.7.700.225
- adobe flash_player up to 11.1.111.64
- adobe flash_player up to 11.1.115.69
- adobe flash_player up to 11.2.202.297
- adobe flash_player up to 11.7.700.232
- adobe flash_player up to 11.8.800.94
References
- CVE: CVE-2013-3361