Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability

ID ZDI-09-093
Type zdi
Reporter Damian Put
Modified 2009-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page or open a malicious SWF file.

The specific flaw exists in the generation of ActionScript exception handlers. In Verifier::parseExceptionHandlers(), a large value for exception_count will result in an integer overflow condition leading to a memory corruption which can be leveraged to execute arbitrary code under the context of the currently logged in user.