Adobe Flash FLA File Parsing Vulnerabilities - Advisories - Secunia

Thursday, March 20, 2008 8:21 AM cmosby

Adobe Flash FLA File Parsing Vulnerabilities - Advisories - Secunia

Adobe Flash FLA File Parsing Vulnerabilities

Secunia Advisory:
SA29455
Release Date:
2008-03-20
Critical:

Moderately critical
Impact:
System access
Where:
From remote
Solution Status:
Unpatched
Software:
Adobe Flash CS3
Macromedia Flash MX 2004
CVE reference:
CVE-2008-1201 (Secunia mirror)
Description:
cocoruder has reported some vulnerabilities in Adobe Flash, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to unspecified errors when parsing specially crafted FLA files.

Successful exploitation may allow execution of arbitrary code when opening a malicious FLA file.

Solution:
According to the vendor, the vulnerabilities will be fixed in the next major release of Flash Professional.

Do not open untrusted FLA files.

Provided and/or discovered by:
cocoruder

Original Advisory:
Adobe:
http://www.adobe.com/support/security/advisories/apsa08-03.html

cocoruder:
http://ruder.cdut.net/blogview.asp?logID=241

Source: Adobe Flash FLA File Parsing Vulnerabilities - Advisories - Secunia

Filed under: Patch Management, Internet Applications, Software Vulnerabilites

Comments

No Comments

Chris Mosby at myITforum.com

Search

Tags

News

Unique Visitors

Navigation

Archives

Microsoft Links

SMS Links

Great Blogs

My Links

Security Links

Anti-Virus Links

Things I Have Done or I Am Involved In

Published Works

Adobe Flash FLA File Parsing Vulnerabilities - Advisories - Secunia

Comments