Next Page >>
Adobe Systems
==================================================
1. Summary
==================================================
Adobe Flex is a software development kit released by Adobe Systems for the development and deployment of cross-platform rich Internet applications based on the Adobe Flash platform. An instance of a DOM-based Cross Site Scripting (XSS) vulnerability was found in the default index.template.html of the SDK that is an HTML template used by FlexBuilder to generate the wrapper html for all the application files in your project. The XSS vulnerability appears to affect all user's that download and utilize this HTML wrapper. You can find more information on DOM-based XSS here: http://www.owasp.org/index.php/DOM_Based_XSS
The vendor (Adobe Systems) was notified of this issue on June 29, 2009. The vendor responded by releasing version 3.4 on August 19, 2009 and has also issued a security bulletin: http://www.adobe.com/support/security/bulletins/apsb09-13.html.
File flags: 0 (Mask 3F)
File OS: 4 Unknown Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Adobe Systems, Incorporated
ProductName: Adobe Photoshop CS5.1
InternalName: U3D
OriginalFilename: U3D8B.8BI
ProductVersion: CS5.1
FileVersion: 12.1 (12.1x20110328 [20110328.r.145 2011/03/28:10:30:00 cutoff; r branch])
I. BACKGROUND
The getPlus Downloader is an application download and installation
manager, distributed in the form of an ActiveX control. This control is
used by Adobe Systems Inc. to install Adobe Reader through the Adobe
website when Internet Explorer is used. Part of the functionality of
the getPlus Downloader is to download and execute applications from
preconfigured sites; in the case of Adobe, from adobe.com and its
subdomains. For more information, see the vendor's site found at the
following link.
http://www.adobe.com/products/reader/
http://www.adobe.com/products/acrobat/
II. DESCRIPTION
Remote exploitation of a use after free vulnerability in Adobe Systems
Inc.'s Reader could allow an attacker to execute arbitrary code with the
privileges of the current user.
The vulnerability occurs when parsing a JPEG file embedded inside a PDF
file. When processing specific JPEG markers, Adobe Reader creates an
http://www.adobe.com/products/reader/
http://www.adobe.com/products/acrobatpro/
II. DESCRIPTION
Remote exploitation of a use after free vulnerability in Adobe Systems
Inc.'s Acrobat and Reader Firefox plugin could allow an attacker to
execute arbitrary code with the privileges of the current user.
When Adobe Acrobat/Reader is installed, it also installs various browser
plugins that allow PDF documents to be viewed in the browser. This
-------------------------------------------------------------------------
ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player
=========================================================================
Document ID: ASPR #2011-02-11-2-PUB
Vendor: Adobe Systems, Inc. (http://www.adobe.com)
Target: Adobe Flash Player
Impact: Remote execution of arbitrary code
Severity: Very high
Status: Official patch available, workarounds available
Discovered by: Simon Raner of ACROS Security
http://get.adobe.com/shockwave
II. DESCRIPTION
Remote exploitation of a heap overflow vulnerability in Adobe Systems
Inc.'s Shockwave could allow an attacker to execute arbitrary code with
the privileges of the current user.
This vulnerability occurs when Shockwave processes a maliciously
constructed "DRCF" chunk. Specifically, when parsing a substructure
http://www.adobe.com/products/flashplayer/
II. DESCRIPTION
Remote exploitation of a use-after-free vulnerability in Adobe Systems
Inc.'s Flash Player could allow an attacker to execute arbitrary code
with the privileges of the current user. <BR> <BR> The
vulnerability
takes place during the processing of a certain image type within a
certain function. The image is positioned at a location on a linked
http://www.adobe.com/products/flashplayer/
II. DESCRIPTION
Remote exploitation of a heap overflow vulnerability in Adobe Systems
Inc's Flash Player could allow an attacker to execute arbitrary code
with the privileges of the current user.
When a specifically crafted URL is passed to Flash Player, a heap
overflow can occur and could result in arbitrary code execution.
http://www.adobe.com/products/acrobat/
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in multiple
versions of Adobe Systems Inc.'s Reader and Acrobat PDF reader and
processor could allow an attacker to execute arbitrary code with the
privileges of the current user.
The vulnerability occurs when processing the Jp2c stream of a JpxDecode
encoded data stream within a PDF file. During the processing of a
http://www.adobe.com/products/flashplayer
II. DESCRIPTION
Remote exploitation of an invalid Loader object reference vulnerability
in Adobe Systems Inc.'s Flash Player could allow an attacker to execute
arbitrary code with the privileges of the current user.
During the processing of a Shockwave Flash file, an object can be
created, along with multiple references that point to the object. The
object can be destroyed and its associated references removed. However
-------------------------------------------------------------------------
ASPR #2010-11-05-01: Remote Binary Planting in Adobe Flash Player
=========================================================================
Document ID: ASPR #2010-11-05-01-PUB
Vendor: Adobe Systems, Inc. (http://www.adobe.com)
Target: Adobe Flash Player for Windows
Impact: Remote execution of arbitrary code
Severity: Very high
Status: Official patch available, workarounds available
Discovered by: Simon Raner of ACROS Security
Name: Adobe LiveCycle Workflow XSS Vulnerability
Release Date: 11 March 2008
Reference: LSD002-2008
CVE Number: CVE-2008-1202
Discover: Dave Lewis
Vendor: Adobe Systems
Product: LiveCycle Workflow 6.2 Management Web Interface
Systems Affected: version 6.2 (as tested)
NB. Other versions may be affected.
Risk: Important
http://www.adobe.com/products/acrobatpro/
II. DESCRIPTION
Remote exploitation of a heap based buffer overflow vulnerability in
Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to
execute arbitrary code with the privileges of the current user.
The vulnerability occurs when parsing a JBIG2-encoded stream inside of a
PDF file. JBIG2 is an image encoding format that is primarily used for
encoding monochrome images such as faxes.
-------------------------------------------------------------------------
ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader
=========================================================================
Document ID: ASPR #2011-02-11-1-PUB
Vendor: Adobe Systems, Inc. (http://www.adobe.com)
Target: Adobe Reader
Impact: Remote execution of arbitrary code
Severity: Very high
Status: Official patch available, workarounds available
Discovered by: Mitja Kolsek of ACROS Security
http://www.adobe.com/products/flashmediaserver/
II. DESCRIPTION
Remote exploitation of multiple integer overflow vulnerabilities in
Adobe Systems Inc.'s Flash Media Server 2 could allow an
unauthenticated attacker to execute arbitrary code with SYSTEM
privileges.
The Flash Media Server contains a component called the Edge server,
which listens on TCP ports 1935 and 19350 for incoming connections.
http://www.adobe.com/products/acrobatpro/
II. DESCRIPTION
Remote exploitation of an integer overflow vulnerability in multiple
versions of Adobe Systems Inc's Reader and Acrobat PDF reader and
processor could allow an attacker to execute arbitrary code with the
privileges of the current user.
The vulnerability occurs when parsing a FlateDecode filter inside a PDF
file. FlateDecode is a filter for data compressed with zlib deflate
http://www.adobe.com/products/flashplayer/
II. DESCRIPTION
Remote exploitation of an array indexing vulnerability in Adobe Systems
Inc.'s Flash Player could allow an attacker to execute arbitrary code
with the privileges of the current user.<BR><BR> During the
processing
of certain types of Adobe Flash code, a certain function may be tricked
into accepting an overly large index argument. The index argument may
http://www.adobe.com/products/flashplayer/
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in Adobe
Systems Inc.'s Flash Player could allow an attacker to execute
arbitrary code with the privileges of the current user.
The vulnerability occurs when parsing a maliciously formatted sequence
of ActionScript code inside of an Adobe Flash file. The problem exists
in a certain ActionScript method. When the method is called with
http://www.adobe.com/products/reader/
II. DESCRIPTION
Remote exploitation of an unsafe library path vulnerability in Adobe
Systems Inc.'s Adobe Reader may allow attackers to execute arbitrary
code as the current user.
This vulnerability is due to Adobe Reader using a path for "Security
Provider" libraries that contains the directory the application was
started in. Security Provider libraries provide encryption and
in the enterprise. Because of this, NoSQL-related vulnerabilities are
expected to become much more widespread
(http://www.govtech.com/policy-management/9-Cybersecurity-Threat-Predictions-for-2012.html)
In July last year, Bryan Sullivan, a senior security researcher at Adobe
Systems, demonstrated server-side JavaScript injection vulnerabilities
in web applications using MongoDB and other NoSQL database engines. He
demonstrated how they could be used to perform Denial of Service, File
System, Remote Command Execution, and many other attacks, including the
easy extraction of the entire contents of the NoSQL database -- a blind
NoSQL injection attack (paper available at
http://www.adobe.com/products/flashplayer/
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in Adobe
Systems Inc.'s Flash Player could allow an attacker to execute arbitrary
code with the privileges of the current user.
The vulnerability occurs when parsing a maliciously formatted sequence
of ActionScript code inside an Adobe Flash file. The problem exists in a
certain ActionScript function method of the built-in "flash.display"
Time-Based Blind NoSQL Injection - Detecting server-side JavaScript
injection vulnerabilities
In July 2011, Bryan Sullivan, a senior security researcher at Adobe
Systems, demonstrated server-side JavaScript injection vulnerabilities
in web applications using MongoDB and other NoSQL database engines. He
demonstrated how they could be used to perform Denial of Service, File
System, Remote Command Execution, and many other attacks, including the
easy extraction of the entire contents of the NoSQL database -- a blind
NoSQL injection attack (paper here at
http://www.adobe.com/products/flashmediaserver/
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in Adobe
Systems Inc.'s Flash Media Server 2 could allow an unauthenticated
attacker to execute arbitrary code with SYSTEM privileges.
The Flash Media Server contains a component called the Edge server,
which listens on TCP ports 1935 and 19350 for incoming connections.
This port is the primary port used for client/server communication. The
http://get.adobe.com/shockwave
II. DESCRIPTION
Remote exploitation of an integer overflow vulnerability in Adobe
Systems Inc.'s Shockwave could allow an attacker to execute arbitrary
code with the privileges of the current user.
This vulnerability occurs when Shockwave processes a maliciously
constructed "tSAC" chunk. Specifically, a 32-bit value from the file is
used in an arithmetic operation that calculates the number of bytes to
http://www.adobe.com/products/flashplayer/
II. DESCRIPTION
Remote exploitation of an integer overflow vulnerability in Adobe
Systems Inc.'s Flash Player could allow an attacker to execute arbitrary
code with the privileges of the current user.
During the allocation of an array within a certain internal ActionScript
function, a size calculation may cause an integer value to overflow.
This condition may lead to the bounds of an undersized array being
http://get.adobe.com/shockwave
II. DESCRIPTION
Remote exploitation of a integer signedness vulnerability in Adobe
Systems Inc.'s Shockwave could allow an attacker to execute arbitrary
code with the privileges of the current user.
This vulnerability occurs when Shockwave processes a maliciously
constructed "Lscr" record. This record can embed Lingo script code,
which is Shockwave's scripting language. The vulnerability occurs when
http://get.adobe.com/shockwave
II. DESCRIPTION
Remote exploitation of an integer overflow vulnerability in Adobe
Systems Inc.'s Shockwave could allow an attacker to execute arbitrary
code with the privileges of the current user.
This vulnerability occurs when Shockwave processes a maliciously
constructed "DEMX" chunk. This occurs when parsing a certain subrecord
located inside the DEMX chunk. Specifically, a 32-bit value from the
http://get.adobe.com/shockwave
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in Adobe
Systems Inc.'s Shockwave Player could allow an attacker to execute
arbitrary code with the privileges of the current user. <BR> <BR> The
vulnerability takes place during the processing of a tSAC chunk within
an Adobe Director file. A length value is read from the tSAC chunk and
a signed comparison is made against the length value. If the length
value is negative, a memory address is incorrectly calculated and a
I. BACKGROUND ---------------------
Adobe Acrobat is a family of computer programs developed by Adobe
Systems, designed to view, create, manipulate and manage files in
Adobe's Portable Document Format (PDF).
II. DESCRIPTION ---------------------
Next Page>>
|
