Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27474
HistoryDec 26, 2011 - 12:00 a.m.

VUPEN Security Research - Adobe Flash Player "SAlign" Memory Corruption Vulnerability (CVE-2011-2459)

2011-12-2600:00:00
vulners.com
34
JSON

VUPEN Security Research - Adobe Flash Player "SAlign" Memory Corruption
Vulnerability (CVE-2011-2459)

Website : http://www.vupen.com/english/research.php

Twitter : http://twitter.com/vupen

I. BACKGROUND

Adobe Flash Player is a cross-platform browser-based application runtime
that delivers uncompromised viewing of expressive applications, content,
and videos across screens and browsers. Flash Player delivers breakthrough
web experiences to over 98% of Internet users.

II. DESCRIPTION

VUPEN Vulnerability Research Team discovered a vulnerability in Adobe
Flash Player.

The vulnerability is caused by an uninitialized stack variable when
processing an invalid "SAlign" property of the Flash ActiveX control,
which could be exploited by remote attackers to compromise a vulnerable
system via a specially crafted web page.

III. AFFECTED PRODUCTS

Adobe Flash Player versions prior to 11.1.102.55

IV. Binary Analysis & Exploits/PoCs

In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :

http://www.vupen.com/english/services/ba-index.php

VUPEN Binary Analysis & Exploits Service provides private exploits and
in-depth technical analysis of the most significant public vulnerabilities
based on disassembly, reverse engineering, protocol analysis, and code
audit.

The service allows governments and major corporations to evaluate risks, and
protect infrastructures and assets against new threats. The service also
allows security vendors (IPS, IDS, AntiVirus) to supplement their internal
research efforts and quickly develop both vulnerability-based and
exploit-based signatures to proactively protect their customers from attacks
and emerging threats.

V. VUPEN Threat Protection Program

Governments and major corporations which are members of the VUPEN Threat
Protection Program (TPP) have been proactively alerted about the
vulnerability
when it was discovered by VUPEN in advance of its public disclosure, and
have received a detailed attack detection guidance to protect national and
critical infrastructures against potential 0-day attacks exploiting this
vulnerability:

http://www.vupen.com/english/services/tpp-index.php

VI. SOLUTION

Upgrade to Adobe Flash Player version 11.1.102.55

VII. CREDIT

This vulnerability was discovered by Nicolas Joly of VUPEN Security

VIII. ABOUT VUPEN Security

VUPEN is the world leader in vulnerability research for defensive and
offensive cyber security. VUPEN solutions enable corporations and
governments
to measure and manage risks, eliminate vulnerabilities before they can be
exploited, and protect critical infrastructures and assets against known and
unknown vulnerabilities.

VUPEN has been recognized as "Company of the Year 2011 in the Vulnerability
Research Market" by Frost & Sullivan.

VUPEN solutions include:

IX. REFERENCES

http://www.adobe.com/support/security/bulletins/apsb11-28.html
http://www.vupen.com/english/research.php

X. DISCLOSURE TIMELINE

2011-01-27 - Vulnerability Discovered by VUPEN and shared with TPP customers
2011-12-16 - Public disclosure

Related

checkpoint_advisories 1
prion 8
cve 8
ubuntucve 8
nessus 17
redhat 1
openvas 10
freebsd 1
suse 4
securityvulns 1
gentoo 1
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Embedded Flash Object Code Execution (APSB11-28; CVE-2011-2459)
2011-11-15 00:00:00
prion
prion
Memory corruption
2011-11-11 16:55:00
Memory corruption
2011-11-11 16:55:00
Memory corruption
2011-11-11 16:55:00
cve
cve
CVE-2011-2451
2011-11-11 16:55:00
CVE-2011-2454
2011-11-11 16:55:00
CVE-2011-2455
2011-11-11 16:55:00
ubuntucve
ubuntucve
CVE-2011-2454
2011-11-11 00:00:00
CVE-2011-2452
2011-11-11 00:00:00
CVE-2011-2460
2011-11-11 00:00:00
nessus
nessus
RHEL 5 / 6 : flash-plugin (RHSA-2011:1445)
2011-11-14 00:00:00
Adobe AIR for Mac <= 3.0 Multiple Vulnerabilities (APSB11-28)
2011-11-28 00:00:00
Flash Player for Mac <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28)
2011-11-18 00:00:00
redhat
redhat
(RHSA-2011:1445) Critical: flash-plugin security update
2011-11-11 00:00:00
openvas
openvas
FreeBSD Ports: linux-f10-flashplugin
2012-02-13 00:00:00
FreeBSD Ports: linux-f10-flashplugin
2012-02-13 00:00:00
Adobe Flash Player Multiple Vulnerabilities - November 11 (Linux)
2011-11-16 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-11-10 00:00:00
suse
suse
Security update for flash-player (critical)
2011-11-15 16:08:21
remote code execution in flash-player
2011-11-17 11:56:32
VUL-0: flash-player: sec. update to version 11.1.102.55 (critical)
2011-11-16 17:08:30
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2011-12-26 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2012-04-17 00:00:00
JSON
Related for SECURITYVULNS:DOC:27474
checkpoint_advisories1prion8cve8ubuntucve8nessus17redhat1openvas10freebsd1suse4securityvulns1gentoo1