openSUSE Security Update : flash-player (openSUSE-SU-2011:0239-1)

The Adobe Standalone Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update flash-player-4239. The text...

Adobe Flash AVM Bytecode Verification Code Execution - Ver2 (CVE-2011-0609)

A code execution vulnerability has been reported in Adobe Flash. The vulnerability is due to an error in the Adobe Flash Player when parsing SWF files embedded in Excel files. A remote attacker could exploit this vulnerability by convincing a victim to open a specially crafted Excel file that...

Adobe Flash Player AVM Bytecode Verification

$Id: adobeflashplayeravm.rb 12091 2011-03-23 04:41:48Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Adobe Flash Player AVM Bytecode验证符多个整数溢出漏洞

BUGTRAQ ID: 40779 CVE ID: CVE-2010-2160 Flash Player是一款非常流行的FLASH播放器。 Flash Player在解析Adobe的ActionScript Virtual Machine 2 bytecode中的opcode时存在整数溢出漏洞。这个opcode的运算符用作了到结构的偏移，如果设置为恶意的值就可能执行受控的数据。结构中包含有之后会被调用的函数指针，如果攻击者将受控数据修改为指向无效的偏移，这个函数指针就可能设置为指向恶意的代码，导致以运行浏览器用户的权限执行任意代码。 此外AVM...