mailing list archives
DoS vulnerability in Flash player (access violation)
From: "MustLive" <mustlive () websecurity com ua>
Date: Fri, 4 Jan 2013 23:56:21 +0200
I want to warn you about Denial of Service vulnerability in Flash player
plugin for browsers. I've found this vulnerability in June (11.06.2011).
That time I've wrote about this built-in DoS in new version of Flash player
as a "surprise" from Adobe (for owners of old browser, because in new
browsers it worked well).
When in December 2011 I've had conversation with Adobe concerning different
vulnerabilities in their software, I reminded them about that built-in DoS
in Flash. I stated that it was intentionally made by Adobe (to drop support
of old browsers), but Adobe PSIRT declined possibility of such DoS. So I've
made a videos for them (with normal work of plugin and its crash in browser)
and after viewing of videos, PSIRT confirmed that Adobe really dropped
support of old browsers. So it's intended behavior - to DoS a browser at
every flash-file (it can be even blank swf-file). In December 2012 I've
uploaded the video (with crash) to YouTube.
Vulnerable are Flash 10.3 (and potentially 10.1 and 10.2) and next versions.
Tested in next versions of flash plugin: Flash 10.0 r42 (works fine), Flash
10.3 r183 (crashes). Version 10.3 r183 can be seen in the video. Some time
ago I also checked it in version 11.4 r402 and it works the same as in 10.3
This is Denial of Service vulnerability and it's memory corruption (access
Attack works in old versions of browsers (particularly on Gecko engine). The
browser with Flash 10.3 and next versions crashes (at direct view of
swf-file or web page with embedded flash-file). This happens due to stopping
of support of old versions of browsers by Adobe (in NPAPI versions of Flash
Best wishes & regards,
Administrator of Websecurity web site
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- DoS vulnerability in Flash player (access violation) MustLive (Jan 04)