SAINT Corporation, SAINT:82F50062D6E1368900D998FC42FC8FC7
Mar 08, 2012 - 12:00 a.m.

Adobe Flash Player MP4 Copyright Statement Overflow

2012-03-08 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
CVSS2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.973 High
Percentile: 99.9%

Added: 03/08/2012
CVE: CVE-2012-0754
BID: 52034
OSVDB: 79300

Background

Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages.

Problem

Flash Player versions prior to 11.1.102.62 do not properly validate the Copyright statement key (CPRT) in the tag information section of MP4 files. This may result in a heap overflow. An attacker may exploit this vulnerability by hosting a Flash applet on a website that loads a specially formatted MP4 file.
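
For triage of MP4 files captured by a proxy or mail gateway, the following added example (not SAINT's or Adobe's code) walks the MP4 box tree and reports structural problems and unusual copyright (cprt) boxes. It assumes the box layout defined in ISO/IEC 14496-12; the MAX_NOTICE threshold and the sample files are constructed for illustration, and the checks are generic sanity checks, not a signature for the file used in any particular attack.

```python
import struct

# Boxes whose payload is a sequence of child boxes (ISO/IEC 14496-12).
CONTAINERS = {b"moov", b"trak", b"mdia", b"minf", b"stbl", b"udta"}
MAX_NOTICE = 1024  # assumed triage threshold, not a value from the advisory

def walk(buf, pos=0, end=None, path=""):
    """Yield (path, payload_start, payload_end, problem) for each box."""
    end = len(buf) if end is None else end
    while pos + 8 <= end:
        size, kind = struct.unpack_from(">I4s", buf, pos)
        name, header = path + "/" + kind.decode("latin-1"), 8
        if size == 1 and pos + 16 <= end:  # 64-bit largesize follows the type
            size, header = struct.unpack_from(">Q", buf, pos + 8)[0], 16
        elif size == 0:  # box runs to the end of its parent
            size = end - pos
        if size < header or pos + size > end:
            yield name, pos + header, end, "declared size outside parent"
            return
        yield name, pos + header, pos + size, None
        if kind in CONTAINERS:
            yield from walk(buf, pos + header, pos + size, name)
        pos += size

def check_cprt(buf):
    """Return (path, finding) pairs for structural problems and odd cprt boxes."""
    findings = []
    for name, lo, hi, problem in walk(buf):
        if problem:
            findings.append((name, problem))
        elif name.endswith("/cprt"):
            notice = buf[lo + 6:hi]  # skip version/flags (4) and language (2)
            if hi - lo < 6:
                findings.append((name, "payload shorter than fixed fields"))
            elif not notice.endswith(b"\x00"):
                findings.append((name, "notice not NUL-terminated"))
            elif len(notice) > MAX_NOTICE:
                findings.append((name, "notice exceeds MAX_NOTICE"))
    return findings

def box(kind, payload):
    """Build a box with a correct 32-bit size (used for the constructed samples)."""
    return struct.pack(">I4s", 8 + len(payload), kind) + payload

# Constructed samples: well-formed, unterminated, and a size that overruns its parent.
FIXED = bytes(4) + b"\x55\xc4"  # version/flags + packed language "und"
GOOD = box(b"moov", box(b"udta", box(b"cprt", FIXED + b"(c) Example\x00")))
LONG = box(b"moov", box(b"udta", box(b"cprt", FIXED + b"x" * 4096)))
LIAR = box(b"moov", box(b"udta", struct.pack(">I4s", 0x10000, b"cprt") + FIXED))
```

A finding means the file deserves a closer look in a sandbox; an empty result does not mean the file is safe to open in an unpatched player.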

Resolution

Update to Flash Player 11.1.102.62 or newer.

References

<http://www.adobe.com/support/security/bulletins/apsb12-03.html>
<http://contagiodump.blogspot.com/2012/03/mar-2-cve-2012-0754-irans-oil-and.html>

Limitations

This exploit has been tested against Adobe Flash Player 11.1.102.55 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Windows 7 targets must have JRE 6 installed.

The user must open the exploit page using Firefox 11 (XP only), or Internet Explorer 7, 8, or 9.

This exploit uses a heap spray which depends on some conditions that may not always be met. Reliability of the exploit may vary depending on these conditions.

Platforms

Windows
