Critical Remote Code Execution Vulnerability in Adobe Flash Player
(Adobe Security Bulletin APSB12-22, CVE-2012-5268)
A vulnerability that could allow a remote attacker to take control of a targeted system has been discovered in Flash Player. The Check Point IPS Software Blade provides network-level protection for unpatched systems.
The vulnerability is due to an out-of-bounds memory access, which can be triggered by enticing a user to open a maliciously crafted .SWF file. Successful exploitation could allow the attacker to execute arbitrary code on the targeted system.
The following Adobe Flash Player versions are affected by this issue:
- 11.4.402.278 and earlier versions for Windows
- 11.4.402.265 and earlier versions for Macintosh
- 18.104.22.168 and earlier versions for Linux
- 22.214.171.124 and earlier versions for Android 4.x
- 126.96.36.199 and earlier versions for Android 3.x and 2.x
Additionally, these Adobe AIR versions are susceptible:
- 188.8.131.520 and earlier versions for Windows and Macintosh
- 184.108.40.2060 SDK (includes AIR for iOS) and earlier versions
- 220.127.116.110 and earlier versions for Android
Check Point recommends deploying the updates described in APSB12-22 as soon as is practical. In the meantime, the latest IPS update for the Check Point IPS Software Blade protects unpatched systems by detecting and blocking the transfer of malicious .SWF files on the network. For more information, see CPAI-2012-1322.
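To prioritise patching, the Flash Player list above can be applied to a software inventory. The following is an added example, not Check Point or Adobe code: it covers only the Windows and Macintosh thresholds, and the host names, inventory rows and function names are constructed. Accepting the comma-separated `WIN 11,4,402,278` form is an assumption about how the installed version is reported.

```python
import re

# Highest affected Flash Player builds for the two desktop platforms, taken
# from the list above. Other platforms are deliberately absent and are
# reported as "unknown" rather than being cleared.
AFFECTED_MAX = {
    "windows": (11, 4, 402, 278),
    "macintosh": (11, 4, 402, 265),
}

def parse_version(text):
    """Parse '11.4.402.278' or '11,4,402,278' (optionally prefixed, e.g. 'WIN ')."""
    match = re.search(r"(?<![\d.,])(\d+(?:[.,]\d+){1,3})\s*$", text.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in re.split(r"[.,]", match.group(1))]
    # Pad short versions such as '11.4' so tuples compare field by field.
    return tuple(parts + [0] * (4 - len(parts)))

def triage(platform, version_text):
    """Return 'affected', 'not affected' or 'unknown' for one installation."""
    limit = AFFECTED_MAX.get(platform.strip().lower())
    if limit is None:
        return "unknown"
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unknown"
    # "and earlier versions" means every build up to and including the limit.
    return "affected" if version <= limit else "not affected"

# Constructed inventory rows (host, platform, reported version) for illustration.
INVENTORY = [
    ("ws-01", "Windows", "11.4.402.278"),
    ("ws-02", "Windows", "WIN 11,4,402,287"),
    ("mac-01", "Macintosh", "11.4.402.265"),
    ("mac-02", "Macintosh", "11.4.402.278"),
    ("ws-03", "Windows", "10.3"),
    ("lx-01", "Linux", "11.2"),
    ("ws-04", "Windows", "not installed"),
]

def report(rows=INVENTORY):
    return {host: triage(platform, version) for host, platform, version in rows}

if __name__ == "__main__":
    for host, status in report().items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" need manual review: the script does not treat an unlisted platform or an unparseable version string as safe.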
Last Updated: 09-Jan-2013