Affected Systems:
Adobe Acrobat 10.0.2
Adobe Acrobat
Adobe Flash Player <= 10.2.156.12 for Android
Adobe Flash Player <= 10.2.154.25 for Chrome
Adobe Flash Player <= 10.2.153.1 for Windows and Mac
Adobe Reader
Adobe AIR <= 2.6.19120
Description:
--------------------------------------------------------------------------------
BugTraq ID: 47314
CVE ID: CVE-2011-0611
Adobe Flash Player is an integrated multimedia player that delivers rich content on the Web, from highly interactive games to multimedia user interfaces with streaming audio, including live concerts and broadcasts.
Adobe Flash Player has a vulnerability in object type handling. A remote attacker can exploit it by tricking a user into opening a webpage or an Office document that contains a malicious SWF file, executing arbitrary code on the user's system and taking complete control of the affected system.
An object method in Adobe Flash Player does not correctly check the type of an object that is referenced. When the vulnerability is triggered, the attacker gains control of a target address; by carefully constructing data in memory and combining this with heap spraying and similar techniques, an attacker can execute arbitrary code.
<* Source: Mila Parkour
Link: http://www.adobe.com/support/security/bulletins/apsb11-07.html
*>
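Because the vector described above is an Office document carrying an embedded SWF, one defensive triage check is to carve for SWF headers inside files that are themselves Office containers. The Python below is an added example, not part of this advisory or of Adobe's tooling; the version range and the zlib-header check are heuristic assumptions of mine, and the sample document is constructed.

```python
import re
import struct
from dataclasses import dataclass

SWF_MAGIC = re.compile(rb"[FCZ]WS")                 # FWS plain, CWS zlib, ZWS LZMA
OLE2_MAGIC = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"   # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                           # .docx/.xlsx/.pptx container

@dataclass
class SwfHit:
    offset: int
    signature: str
    version: int
    length: int  # uncompressed file length declared in the SWF header

def find_embedded_swf(data: bytes, max_version: int = 40) -> list:
    """Carve plausible SWF headers out of an arbitrary byte blob."""
    hits = []
    for m in SWF_MAGIC.finditer(data):
        off = m.start()
        if off + 10 > len(data):          # need signature, version, length, 2 body bytes
            continue
        sig = m.group().decode("ascii")
        version = data[off + 3]
        (length,) = struct.unpack_from("<I", data, off + 4)
        # Heuristic filters (assumption): sane version, declared length covering the 8-byte header
        if not (1 <= version <= max_version) or length < 8:
            continue
        # Compressed variants only exist from certain SWF versions onward
        if (sig == "CWS" and version < 6) or (sig == "ZWS" and version < 13):
            continue
        if sig == "CWS":
            # CWS body must start with a valid zlib stream header (CMF/FLG bytes)
            cmf, flg = data[off + 8], data[off + 9]
            if (cmf & 0x0F) != 8 or ((cmf << 8) | flg) % 31 != 0:
                continue
        hits.append(SwfHit(off, sig, version, length))
    return hits

def is_office_container(data: bytes) -> bool:
    return data.startswith(OLE2_MAGIC) or data.startswith(ZIP_MAGIC)

def triage(data: bytes) -> dict:
    hits = find_embedded_swf(data)
    office = is_office_container(data)
    return {"office_container": office, "swf_hits": hits, "suspicious": office and bool(hits)}

# Constructed sample: OLE2 magic, padding to a 512-byte sector boundary, then a minimal
# uncompressed SWF header (version 10, declared length 2048) and a few body bytes.
SAMPLE_DOC = OLE2_MAGIC + b"\x00" * 504 + b"FWS" + bytes([10]) + struct.pack("<I", 2048) + b"\x00" * 16
```

A standalone SWF file is reported with hits but not flagged as suspicious; only an Office container that carries one is.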
Suggestion:
--------------------------------------------------------------------------------
Temporary solution:
* Do not open Office documents from unknown sources, especially Word and Excel files.
* Use the Enhanced Mitigation Experience Toolkit (EMET) from Microsoft to protect applications that attackers are likely to target, such as IE, Word and Excel. Although EMET cannot stop the vulnerability from being triggered, it prevents exploitation to a large extent.
EMET is a utility that prevents software vulnerabilities from being exploited.
Download EMET from the following URL:
http://go.microsoft.com/fwlink?LinkID=200220&clcid=0x409
After installation, run EMET. Click "Configure Apps" and then click "Add" in the dialog box, browse to the IE installation directory (usually C:\Program Files\Internet Explorer), select iexplore.exe and click "Open"; IE is added to the list of protected applications. Click "OK", and if IE is running, restart it. Add other applications to the protected list in the same way.
Vendor patch:
Adobe
-----
Adobe has released Security Bulletin APSB11-07 and patches for this issue:
APSB11-07: Security update available for Adobe Flash Player
Link: http://www.adobe.com/support/security/bulletins/apsb11-07.html