BID:53419

Adobe Flash Professional Buffer Overflow Vulnerability

Info

Adobe Flash Professional Buffer Overflow Vulnerability

Bugtraq ID:	53419
Class:	Boundary Condition Error
CVE:	CVE-2012-0778
Remote:	Yes
Local:	No
Published:	May 08 2012 12:00AM
Updated:	May 08 2012 12:00AM
Credit:	Tielei Wang, Georgia Tech Information Security Center
Vulnerable:	Adobe Flash CS5 Professional 11.5.1.349 Adobe Flash CS5 Professional 0 Adobe Flash CS4 Professional 0 Adobe Flash CS3 Professional 0

Not Vulnerable:	Adobe Flash CS6 Professional 0

Discussion

Adobe Flash Professional Buffer Overflow Vulnerability

Adobe Flash Professional is prone to an unspecified remote buffer-overflow vulnerability due to a failure to properly bounds check user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Exploit / POC

Adobe Flash Professional Buffer Overflow Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Adobe Flash Professional Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

Adobe Flash Professional Buffer Overflow Vulnerability

References:

APSB12-12 Security Bulletin for Adobe Flash Professional (Adobe)