|CERT-In Vulnerability Note
Adobe Flash Player SWF File Remote Memory Corruption Vulnerability
Original Issue Date:April 18, 2011
Severity Rating: HIGH
- Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux, and Solaris
- Adobe Flash Player 10.2.154.25 and earlier for Chrome
- Adobe Flash Player 10.2.156.12 and earlier for Android
A vulnerability has been reported in Adobe Flash Player which could allow an unauthenticated, remote attacker to execute arbitrary code on the system installed with vulnerable version of application or could also cause denial of service condition (application crash).
This vulnerability is caused due to an error in "authplay.dll" module while parsing ActionScript in maliciously crafted flash content embedded within Microsoft Word (.doc), Microsoft Excel (.xls) file or PDF files. ActionScript adds a custom function to the prototype of a predefined class. It has been reported that this vulnerability is being exploited.
An unauthenticated, remote attacker could exploit this vulnerability by enticing users to view a maliciously crafted file, which is likely to be embedded in document files or hosted on website or sent as an attachment. When viewed, the file could cause the application to perform an invalid memory operation, corrupting memory. The attacker could use the memory corruption to execute arbitrary code on the system installed with vulnerable version of application, with the privileges of currently logged-in user. Unsuccessful attack could cause application crash or denial-of-service (DoS) condition.
- Exercise caution while visiting websites links received in emails
- Use the Microsoft Enhanced Mitigation Experience Toolkit
- Enable DEP in Microsoft Windows
- Disable automatic displaying of PDF documents in the web browsers.
- Disable automatic displaying of flash contents in the web browsers.
- Use Adobe automatic update feature
- Use Adobe Reader X which is featured with protected mode.
- Make use of Enhanced security feature provided in Adobe reader. It can be enabled by Edit > Preferences > Security (Enhanced)> and Check
- Enabled Enhanced Security
- Create log file
- Automatically trust sites from my Win OS security zones
- Selective white listing can be enabled by Adding host, Add File and Add folder path to be excluded
Install appropriate patches as mentioned in
Adobe Security Bulletin
The information provided herein is on "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Department of Information Technology
Ministry of Communications & Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003