RootSSV:2651Adobe Flash Player JPG头处理远程堆缓冲区溢出漏洞
0.918 High
EPSS
Percentile
98.6%
BUGTRAQ ID: 26951
CVE ID:CVE-2007-6242
CNCVE ID:CNCVE-20076242
Adobe Flash Player是一款流行的FLASH播放程序。
Adobe Flash Player解析SWF文件中嵌入的JPG图象存在问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。
Flash播放器信任有符号的JPG头字段中指定的X和Y密度,并根据此值分配内存,但后续的循环处理过程中这些值以无符号值对待,可导致过多的循环迭代而在解码图象过程中造成堆破坏,精心构建图象数据,诱使用户打开,可导致以应用程序进程权限执行任意指令。
RedHat Enterprise Linux Supplementary v.5 server
RedHat Enterprise Linux Extras v.4
RedHat Enterprise Linux Extras v.3
RedHat Enterprise Linux Extras 4.5.z
RedHat Enterprise Linux Desktop Supplementary v.5 client
RedHat Advanced Workstation for the Itanium Processor 2.1
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 8.0.34.0
Adobe Flash Player 7.0.69.0
升级程序:
Adobe Flash Player 9.0.31.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Adobe Flash Player 8.0.34.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Adobe Flash Player 9.0.45.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Adobe Flash Player 7.0.69.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Adobe Flash Player 9.0.28.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Adobe Flash Player 9.0.48.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Adobe Flash Player 9.0.47.0
Adobe install_flash_player_9_linux.tar.gz
<a href=“http://fpdownload.macromedia.com/get/flashplayer/current/install_flash” target=“_blank”>http://fpdownload.macromedia.com/get/flashplayer/current/install_flash</a> _player_9_linux.tar.gz
Related
