Adobe Pixel Shader

2014-06-24T00:00:00
ID SAINT:75FA8A298976AF8ABCE837B2A3892867
Type saint
Reporter SAINT Corporation
Modified 2014-06-24T00:00:00

Description

Added: 06/24/2014
CVE: CVE-2014-0515
BID: 67092
OSVDB: 106347

Background

The Adobe Flash plugin provides flash content rendering for web browsers.

Problem

A buffer overflow exists due to an error in processing SWF files. The vulnerable function exists in the the DisplayShader class and can be exploited by setting a malicious Pixel Bender Filter.

Limitations

This exploit has been tested against IE 8.0 on Windows 7 SP1 and Adobe Flash 13.0.0.182

Resolution

Update the Adobe Flash plugin.

Platforms

Windows