Friday, October 3, 2008

Unpatched Vulnerability In Adobe Flash Player Plug-in

A vulnerability has been found in the Adobe Flash Player plug-in. If a Flash 9 SWF loads two SWF files with different SWF version numbers from two distinct HTTP requests to the exact same URL (including query string arguments), Adobe's Flash Player plug-in will try to dereference a null pointer. In browsers where plug-ins run in the same process as the browser (e.g., Internet Explorer 6 and 7, Firefox 3, and Safari 3 on Windows and OS X), the vulnerability causes the entire browser process to crash.

At least the following versions on Windows, OS X and Linux are vulnerable:
- 9.0.45.0
- 9.0.112.0
- 9.0.124.0
- 10.0.12.10

At the time of writing, no patch is available for the vulnerability.
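
A defender-side check for the trigger condition described above, added here as an example (not code from the original post or from Adobe): it scans captured HTTP responses and reports any exact URL, query string included, that served SWF files with differing version bytes. The function names, the capture format and the example.test URLs are assumptions, and the sample data is constructed.

```python
import struct
from collections import defaultdict

# SWF header: 3-byte signature, 1-byte version, 4-byte little-endian length.
SWF_SIGNATURES = (b"FWS", b"CWS")  # uncompressed / zlib-compressed


def swf_version(body):
    """Return the SWF version byte, or None if body is not an SWF file."""
    if len(body) < 8 or body[:3] not in SWF_SIGNATURES:
        return None
    return body[3]


def find_version_flips(responses):
    """responses: iterable of (url, body) pairs in capture order.

    Returns {url: [versions in order first seen]} for every exact URL
    (query string included) that served more than one SWF version.
    """
    seen = defaultdict(list)
    for url, body in responses:
        version = swf_version(body)
        if version is None:
            continue  # not an SWF response
        if version not in seen[url]:
            seen[url].append(version)
    return {url: versions for url, versions in seen.items() if len(versions) > 1}


def make_header(signature, version, length=21):
    """Build a constructed, header-only SWF stub for the sample data."""
    return signature + bytes([version]) + struct.pack("<I", length) + b"\x00" * 13


# Constructed sample capture (hypothetical URLs, not real traffic).
CAPTURE = [
    ("http://example.test/ad.swf?id=1", make_header(b"FWS", 9)),
    ("http://example.test/ad.swf?id=1", make_header(b"FWS", 8)),
    ("http://example.test/ad.swf?id=2", make_header(b"CWS", 9)),
    ("http://example.test/ad.swf?id=2", make_header(b"CWS", 9)),
    ("http://example.test/index.html", b"<html></html>"),
]

if __name__ == "__main__":
    for url, versions in find_version_flips(CAPTURE).items():
        print(f"{url} served SWF versions {versions}")
```

A hit only shows that one URL returned inconsistent SWF versions; it is a lead for review of the serving host, not proof of a crash attempt.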

More information:
SecurityFocus BugTraq note
Adobe Flash Player plug-in browser crash (bug reporter's site)
