Signature Detail

HTTP: Adobe Shockwave Flash URL Security Domain Checking Remote Code Execution

This signature detects attempts to exploit a known flaw in Adobe Shockwave Flash. A successful exploit could result in arbitrary remote code execution with the privileges of the browser process.

Extended Description

Adobe Flash Player is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

• Adobe AIR 1.0
• Adobe AIR 1.01
• Adobe AIR 1.1
• Adobe AIR 1.5
• Adobe AIR 1.5.1
• Adobe AIR 1.5.2
• Adobe AIR 1.5.3
• Adobe AIR 1.5.3.9120
• Adobe AIR 1.5.3.9130
• Adobe AIR 2.0.2
• Adobe AIR 2.0.2.12610
• Adobe AIR 2.0.3
• Adobe AIR 2.0.3
• Adobe AIR 2.0.4
• Adobe AIR 2.5.1
• Adobe AIR 2.6
• Adobe AIR 2.6.19120
• Adobe AIR 2.6.19140
• Adobe AIR 2.7
• Adobe AIR 2.7.1
• Adobe AIR 2.7.1.1961
• Adobe AIR 3.0
• Adobe AIR 3.1.0.4880
• Adobe Flash Player 10.1.102.64
• Adobe Flash Player 10.1.102.65
• Adobe Flash Player 11.1.102.55
• Adobe Flash Player 11.1.102.62
• Adobe Flash Player 11.1.102.63
• Adobe Flash Player 11.1.111.5
• Adobe Flash Player 11.1.111.6
• Adobe Flash Player 11.1.111.7
• Gentoo Linux
• Red Hat Enterprise Linux Desktop Supplementary 5 Client
• Red Hat Enterprise Linux Desktop Supplementary 6
• Red Hat Enterprise Linux Server Supplementary 6
• Red Hat Enterprise Linux Supplementary 5 Server
• Red Hat Enterprise Linux Workstation Supplementary 6
• Research In Motion Blackberry PlayBook Tablet Software 2.0.1.358
• SuSE openSUSE 11.4
• SuSE openSUSE 12.1
• SuSE SUSE Linux Enterprise Desktop 10 SP4
• SuSE SUSE Linux Enterprise Desktop 11 SP1
• SuSE SUSE Linux Enterprise Desktop 11 SP2

References

• BugTraq: 52748
• CVE: CVE-2012-0772