Security Advisory SA50285 - Adobe Flash Player Font Parsing Code Execution Vulnerability

Secunia

Blog

Secunia Advisory SA50285

Adobe Flash Player Font Parsing Code Execution Vulnerability

Secunia Advisory

SA50285

Release Date

2012-08-14

Last Update

2012-08-20

Popularity

6,976 views

Comments

3 comments

Criticality level

Extremely critical

Impact

System access

Where

From remote

Authentication level

This information is available to Secunia VIM customers

Report reliability

This information is available to Secunia VIM customers

Solution Status

Vendor Patch

Systems affected

This information is available to Secunia VIM customers

Approve distribution

This information is available to Secunia VIM customers

Remediation status

Secunia CSI, Secunia PSI

Automated scanning

Secunia CSI, Secunia PSI

Software:

Adobe Flash Player 11.x

Secunia CVSS Score

This information is available to Secunia VIM Customers

CVE Reference(s)

CVE-2012-1535 CVSS score available to Secunia VIM customers

Description

A vulnerability has been reported in Flash Player, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when parsing font files.

The vulnerability is reported in the following versions:
* Flash Player 11.3.300.270 and earlier for Windows and Macintosh
* Flash Player 11.2.202.236 and earlier for Linux
* Flash Player 11.3.300.270 and earlier for Chrome users

Successful exploitation allows execution of arbitrary code.

NOTE: The vulnerability is currently being actively exploited in targeted attacks via Word documents against the Windows version.

Solution
Update to version 11.3.300.271 for Windows, Mac, and Chrome or version 11.2.202.238 for Linux.
Further details available to Secunia VIM customers

Provided and/or discovered by
Reported as a 0-day.

The vendor also credits Alexander Gavrun via iDefense VCP.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Adobe:
http://www.adobe.com/support/security/bulletins/apsb12-18.html

Metasploit:
http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/adobe_flash_otf_font.rb

Deep Links
Links available to Secunia VIM customers

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Adobe Flash Player Font Parsing Code Execution Vulnerability

User

Message

harryjohnston

RE: Adobe Flash Player Unspecified Code Execution Vulnerability

15th Aug, 2012 05:58

Score: 4
Posts: 6
User Since: 20th Jun 2011
System Score: N/A
Location: NZ
Last edited on 15th Aug, 2012 05:58

There's a typo in the advisory: Windows and Macintosh users need to update to 11.3.300.271, not to 11.3.300.270. Also, according to the Adobe bulletin, the latest Chrome version is 21.0.1180.79.

Was this reply relevant?

-1

Anthony Wells

RE: Adobe Flash Player Unspecified Code Execution Vulnerability

15th Aug, 2012 15:54

Score: 2324
Posts: 3,205
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

If you reread the advisory and look at the solution , you will observe that there is not a "typo" and the correct version for the update is displayed :ie: 11.3.300.271 .

Take care

Anthony

--

It always seems impossible until its done.
Nelson Mandela

Was this reply relevant?

-0

harryjohnston

RE: Adobe Flash Player Unspecified Code Execution Vulnerability

17th Aug, 2012 00:31

Score: 4
Posts: 6
User Since: 20th Jun 2011
System Score: N/A
Location: NZ

That's because it was fixed after I posted my comment.

Was this reply relevant?

-0

Secunia Advisory SA50285

Adobe Flash Player Font Parsing Code Execution Vulnerability

Do you have additional information related to this advisory?

You must be logged in to post a comment.

Secunia Customer Login

Not a customer already?