Check Point Advisories

Preemptive Protection against Adobe Flash Media Server Directory Traversal Vulnerability (APSB09-18)

Check Point Reference: CPAI-2009-330
Date Published: 20 Dec 2009
Severity: Critical
Last Updated: Thursday 01 January, 2009
Source: Adobe Security Bulletin - APSB09-18
Industry Reference:CVE-2009-3792
Protection Provided by:
Who is Vulnerable? Flash Media Server 3.5.2 and earlier versions
Vulnerability Description A directory traversal vulnerability has been discovered in Adobe Flash Media Server (FMS). Flash Media Server (FMS) is an application server for Flash-based applications. This vulnerability allows a hacker to access normally-inaccessible files and directories through a specially-created HTTP request. Instead of having access only to the publically-available files, the hacker can have access to all files and load arbitrary DLLS that are present on that server using this vulnerability.
Update/Patch AvaliableApply patches:
Adobe Security Bulletin - APSB09-18
Vulnerability DetailsThe vulnerability is due to an input validation error in the Adobe Flash Media Server. Successful exploitation could lead to FMS loading arbitrary DLLs present on the server.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK