[PCWorks] Adobe Flash Player Multiple Vulnerabilities
- From: "Clint Hamilton-PCWorks Admin-OrpheusComputing.com & ComputersCustomBuilt.com" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
- To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
- Date: Sat, 12 Apr 2008 08:02:34 -0500
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA28083
VERIFY ADVISORY:
http://secunia.com/advisories/28083/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, Cross Site Scripting, System access
WHERE:
From remote
REVISION:
1.1 originally posted 2008-04-09
SOFTWARE:
Adobe Flash Player 9.x
http://secunia.com/product/11901/
DESCRIPTION:
Some vulnerabilities have been reported in Adobe Flash Player,
which
can be exploited by malicious people to bypass certain security
restrictions, conduct cross-site scripting attacks, or to
potentially
compromise a user's system.
1) A boundary error exists in the processing of "Declare
Function
(V7)" tags. This can be exploited to cause a heap-based buffer
overflow via specially crafted flags.
2) An integer overflow in the processing of multimedia files
can be
exploited to cause a buffer overflow.
Successful exploitation of the vulnerabilities may allow
execution of
arbitrary code.
3) Errors when pinning a hostname to an IP address can be
exploited
to conduct DNS rebinding attacks.
This is related to vulnerability #3 in:
SA28161
4) An error when sending HTTP headers can be exploited to
bypass
cross-domain policy files.
5) An error exists in the enforcing of cross-domain policy
files.
This can be exploited to bypass certain security restrictions
on web
servers hosting cross-domain policy files.
This is related to vulnerability #4 in:
SA28161
6) Input passed to unspecified parameters when handling e.g.
the
"asfunction:" protocol is not properly sanitised before being
returned to the user. This can be exploited to inject arbitrary
HTML
and script code in a user's browser session in context of an
affected
site.
This is related to vulnerability #5 in:
SA28161
The vulnerabilities are reported in versions prior to
9.0.124.0.
SOLUTION:
Update to a fixed version.
-- Flash Player 9.0.115.0 and earlier --
Update to version 9.0.124.0.
http://www.adobe.com/go/getflash
-- Flash Player 9.0.115.0 and earlier - network
distribution --
Update to version 9.0.124.0.
http://www.adobe.com/licensing/distribution
-- Flex 3.0 --
Update to version 9.0.124.0.
http://www.adobe.com/support/flashplayer/downloads.html#fp9
-- AIR 1.0 --
Update to version 1.0.1.
http://www.adobe.com/go/getair
ORIGINAL ADVISORY:
Adobe:
http://www.adobe.com/support/security/bulletins/apsb08-11.html
Secunia Research:
http://secunia.com/secunia_research/2007-103/
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-021/
ISS X-Force:
http://www.iss.net/threats/289.html
OTHER REFERENCES:
SA28161:
http://secunia.com/advisories/28161/
=========================
The list's FAQ's can be seen by sending an email to
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.
To unsubscribe, subscribe, set Digest or Vacation to on or off, go to
//www.freelists.org/list/pcworks . You can also send an email to
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your
member list settings can be found at
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have
access to numerous other email options.
The list archives are located at //www.freelists.org/archives/pcworks/ .
All email posted to the list will be placed there in the event anyone needs to
look for previous posts.
Other related posts:
