Critical Vulnerability in Adobe Flash Player (APSA10-05)
(APSB10-28, APSB10-26, APSA10-05, CVE-2010-3654)
Summary
A critical remote code execution vulnerability has been reported in the way Adobe Flash Player parses Flash content inside Acrobat Portable Document Format (PDF) files. A remote attacker may exploit this vulnerability to take complete control of the affected system. There are reports that this vulnerability is being actively exploited against Adobe Reader and Acrobat version 9.
Details
Adobe Flash Player is a multimedia and application player that renders Shockwave Flash (SWF) files.
The vulnerability is due to an error in Adobe Flash Player, which fails to properly parse Flash content inside PDF files. A remote attacker might exploit this issue by convincing a victim to open a specially crafted PDF file that contains malformed Flash content. Successful exploitation of this vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.
Affected Products
This issue exists in the following products:
- Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris
- Adobe Flash Player 10.1.95.2 and earlier for Android
- Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX
- Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh
Note that version 8 of Adobe Reader and Acrobat does not exhibit this vulnerability.
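For patch triage, the affected ranges listed above can be checked against a software inventory. The following is an added example, not part of the original advisory; the product and platform keys, the inventory layout and the sample hosts are assumptions made for illustration.

```python
import re

# Last affected version per (product, platform), taken from the list above.
# The key names are assumptions for this example, not vendor identifiers.
LAST_AFFECTED = {
    ("flash", "desktop"): (10, 1, 85, 3),   # Windows, Macintosh, Linux, Solaris
    ("flash", "android"): (10, 1, 95, 2),
    ("reader", "desktop"): (9, 4),          # 9.x branch only
    ("acrobat", "desktop"): (9, 4),         # 9.x branch only
}

def parse_version(text):
    """Turn '10.1.85.3' into (10, 1, 85, 3) so comparison is numeric, not lexical."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:   # treat 9.4.0 the same as 9.4
        parts.pop()
    return tuple(parts)

def is_affected(product, platform, version_text):
    key = (product.lower(), platform.lower())
    if key not in LAST_AFFECTED:
        raise KeyError(f"not covered by this advisory: {key}")
    version = parse_version(version_text)
    if key[0] in ("reader", "acrobat") and version[0] != 9:
        return False   # the advisory scopes Reader/Acrobat to 9.x; version 8 is unaffected
    return version <= LAST_AFFECTED[key]

# Constructed inventory rows (host, product, platform, version), for illustration only.
SAMPLE_INVENTORY = [
    ("ws-01", "flash", "desktop", "10.1.85.3"),
    ("ws-02", "flash", "desktop", "10.1.102.64"),  # a string compare would misorder this
    ("ph-01", "flash", "android", "10.1.95.2"),
    ("ws-03", "reader", "desktop", "9.3.4"),
    ("ws-04", "reader", "desktop", "8.2.5"),
    ("ws-05", "acrobat", "desktop", "9.4.1"),
]

def triage(inventory):
    """Return the hosts whose installed version falls in an affected range."""
    return [host for host, product, platform, ver in inventory
            if is_affected(product, platform, ver)]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```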
Solution
Adobe released an update for Adobe Flash Player on November 9, 2010 and updates for Adobe Reader and Acrobat on November 15, 2010. Check Point R70/71 IPS Software Blade provides network protection for unpatched systems by detecting and blocking PDF files that contain malformed Flash content. For more information, see CPAI-2010-304 and SBP-2010-29.
Originally Published:
Last Updated: 16-Nov-2010