7 matches found
openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)
The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update flash-player-4239. The text...
Adobe Flash AVM Bytecode Verification Code Execution - Ver2 (CVE-2011-0609)
A code execution vulnerability has been reported in Adobe Flash. The vulnerability is due to an error in the Adobe Flash Player when parsing SWF files embedded in Excel files. A remote attacker could exploit this vulnerability by convincing a victim to open a specially crafted Excel file that...
Adobe Flash Player AVM Bytecode Verification vulnerability-vulnerability warning-the black bar safety net
Adobe Flash Player 9.0-10.0 not properly validate the byte stream before executing it, leading to uninitialized memory in the code is executed. Use the heap spray technique to control it is to not initialize the memory area may execute arbitrary code. +info: Adobe Flash Player AVM Bytecode...
Adobe Flash Player AVM Bytecode Verification Vulnerability
This module exploits a vulnerability in Adobe Flash Player versions 10.2.152.33 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JITJust-In-Time code being executed. This is the same vulnerability that was used for the RSA attack ...
Adobe Flash Player AVM Bytecode Verification
$Id: adobeflashplayeravm.rb 12091 2011-03-23 04:41:48Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Adobe Flash Player AVM Bytecode验证符多个整数溢出漏洞
BUGTRAQ ID: 40779 CVE ID: CVE-2010-2160 Flash Player是一款非常流行的FLASH播放器。 Flash Player在解析Adobe的ActionScript Virtual Machine 2 bytecode中的opcode时存在整数溢出漏洞。这个opcode的运算符用作了到结构的偏移,如果设置为恶意的值就可能执行受控的数据。结构中包含有之后会被调用的函数指针,如果攻击者将受控数据修改为指向无效的偏移,这个函数指针就可能设置为指向恶意的代码,导致以运行浏览器用户的权限执行任意代码。 此外AVM...
ZDI-10-115: Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability
ZDI-10-115: Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-115 June 25, 2010 -- CVE ID: CVE-2010-2160 -- Affected Vendors: Adobe -- Affected Products: Adobe Flash Player -- TippingPointTM IPS Customer...