Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:SWF:MEM-DISC |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Shockwave Flash Player Memory Disclosure |
Release Date |
2015/01/21 |
Update Number |
2461 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Adobe Shockwave Flash Player Memory Disclosure
This signature detects an attempt to exploit a memory disclosure vulnerability against Adobe Shockwave Player. Successful exploitation could allow an attacker to craft a malicious dir file and launch further attacks into the context of the running application.
Extended Description
Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.
Affected Products
- Adobe shockwave_player 1.0
- Adobe shockwave_player 10.0.0.210
- Adobe shockwave_player 10.0.1.004
- Adobe shockwave_player 10.1.0.011
- Adobe shockwave_player 10.1.0.11
- Adobe shockwave_player 10.1.1.016
- Adobe shockwave_player 10.1.4.020
- Adobe shockwave_player 10.2.0.021
- Adobe shockwave_player 10.2.0.022
- Adobe shockwave_player 10.2.0.023
- Adobe shockwave_player 11.0.0.456
- Adobe shockwave_player 11.0.3.471
- Adobe shockwave_player 11.5.0.595
- Adobe shockwave_player 11.5.0.596
- Adobe shockwave_player 11.5.10.620
- Adobe shockwave_player 11.5.1.601
- Adobe shockwave_player 11.5.2.602
- Adobe shockwave_player 11.5.6.606
- Adobe shockwave_player 11.5.7.609
- Adobe shockwave_player 11.5.8.612
- Adobe shockwave_player 11.5.9.615
- Adobe shockwave_player 11.5.9.620
- Adobe shockwave_player 11.6.0.626
- Adobe shockwave_player 11.6.1.629
- Adobe shockwave_player 11.6.3.633
- Adobe shockwave_player 11.6.4.634
- Adobe shockwave_player 11.6.5.635
- Adobe shockwave_player 11.6.6.636
- Adobe shockwave_player 11.6.7.637
- Adobe shockwave_player 11.6.8.638
- Adobe shockwave_player 12.0.0.112
- Adobe shockwave_player 2.0
- Adobe shockwave_player 3.0
- Adobe shockwave_player 4.0
- Adobe shockwave_player 5.0
- Adobe shockwave_player 6.0
- Adobe shockwave_player 8.0
- Adobe shockwave_player 8.0.196
- Adobe shockwave_player 8.0.196a
- Adobe shockwave_player 8.0.204
- Adobe shockwave_player 8.0.205
- Adobe shockwave_player 8.5.1
- Adobe shockwave_player 8.5.1.100
- Adobe shockwave_player 8.5.1.103
- Adobe shockwave_player 8.5.1.105
- Adobe shockwave_player 8.5.1.106
- Adobe shockwave_player 8.5.321
- Adobe shockwave_player 8.5.323
- Adobe shockwave_player 8.5.324
- Adobe shockwave_player 8.5.325
- Adobe shockwave_player 9
- Adobe shockwave_player 9.0.383
- Adobe shockwave_player 9.0.432
References
- CVE: CVE-2013-1385