Adobe Flash Player MP4 Copyright Statement Overflow

2012-03-08T00:00:00
ID SAINT:C93DC6DF137307868C38645D758E578E
Type saint
Reporter SAINT Corporation
Modified 2012-03-08T00:00:00

Description

Added: 03/08/2012
CVE: CVE-2012-0754
BID: 52034
OSVDB: 79300

Background

Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages.

Problem

Flash Player versions prior to 11.1.102.62 do not properly validate the Copyright statement key (CPRT) in the tag information section of MP4 files. This may result in a heap overflow. An attacker may exploit this vulnerability by hosting a Flash applet on a website that loads a specially formatted MP4 file.
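As an added example (not SAINT's code and not the exploit), a defensive scanner in Python that walks the ISO BMFF box tree of an MP4 file and reports any box, in particular a cprt box under moov/udta, whose declared size cannot fit inside its enclosing container. The sample files are constructed inline; the malformed one merely carries an inconsistent size field, which is a generic structural sanity check rather than the actual trigger, which the advisory does not describe.

```python
import struct

# Container boxes to descend into; cprt normally lives in moov/udta (ISO 14496-12).
CONTAINERS = {b"moov", b"udta", b"trak"}


def box(btype: bytes, payload: bytes) -> bytes:
    """Serialise one ISO BMFF box: 32-bit big-endian size, FourCC, payload."""
    return struct.pack(">I4s", 8 + len(payload), btype) + payload


def cprt_payload(notice: bytes, lang: int = 0x15C7) -> bytes:
    """cprt is a FullBox: version/flags, packed ISO-639-2 language, NUL-terminated notice."""
    return struct.pack(">IH", 0, lang) + notice + b"\x00"


def check_mp4(data: bytes, start: int = 0, end=None, path: str = "") -> list:
    """Return findings for boxes whose declared size is inconsistent with their container."""
    end = len(data) if end is None else end
    findings, pos = [], start
    while pos + 8 <= end:
        size, btype = struct.unpack_from(">I4s", data, pos)
        hdr = 8
        if size == 1:                      # 64-bit largesize follows the 8-byte header
            size = struct.unpack_from(">Q", data, pos + 8)[0]
            hdr = 16
        elif size == 0:                    # box extends to the end of its container
            size = end - pos
        name = path + "/" + btype.decode("ascii", "replace")
        if size < hdr or pos + size > end:
            findings.append("%s: declared size %d is invalid for %d bytes left"
                            % (name, size, end - pos))
            break                          # siblings after a malformed box cannot be trusted
        if btype in CONTAINERS:
            findings += check_mp4(data, pos + hdr, pos + size, name)
        pos += size
    return findings


# Constructed samples (hypothetical, minimal): a sane file and one whose cprt header
# claims 0x7FFFFFFF bytes although only 26 bytes remain in udta.
FTYP = box(b"ftyp", b"isom\x00\x00\x02\x00isomiso2mp41")
GOOD_SAMPLE = FTYP + box(b"moov", box(b"udta", box(b"cprt", cprt_payload(b"(c) example"))))
BAD_CPRT = struct.pack(">I4s", 0x7FFFFFFF, b"cprt") + cprt_payload(b"(c) example")
BAD_SAMPLE = FTYP + box(b"moov", box(b"udta", BAD_CPRT))

if __name__ == "__main__":
    print("good:", check_mp4(GOOD_SAMPLE))
    print("bad: ", check_mp4(BAD_SAMPLE))
```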

Resolution

Update to Flash Player 11.1.102.62 or newer.

References

<http://www.adobe.com/support/security/bulletins/apsb12-03.html>
<http://contagiodump.blogspot.com/2012/03/mar-2-cve-2012-0754-irans-oil-and.html>

Limitations

This exploit has been tested against Adobe Flash Player 11.1.102.55 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Windows 7 targets must have JRE 6 installed.

The user must open the exploit page using Firefox 11 (XP only), or Internet Explorer 7, 8, or 9.

This exploit uses a heap spray which depends on some conditions that may not always be met. Reliability of the exploit may vary depending on these conditions.

Platforms

Windows