Title: Adobe Flash Player 'asfunction' Cross Site Scripting Vulnerability
Severity: MODERATE
Description:
Adobe Flash Player is a multimedia application for Microsoft Windows, Mozilla, and Apple technologies. ActionScript is a language used to develop media processed by Adobe Flash Player. The 'asfunction' protocol allows HTTP hyperlinks to launch ActionScript functions.
The application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied data. The vulnerability occurs in the 'asfunction' protocol when handling certain SWF files.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
UPDATE (January 2, 2008): The following information was reported regarding Flash files that can be used as attack vectors for the above issue:
- The 'skinName' parameter of Flash files produced using the 'Insert Flash Video' feature of Dreamweaver.
- The 'baseurl' parameter of the 'main.swf' controller file used in all Connect/Breeze online presentations produced by Acrobat Connect and Dreamweaver.
Affected Products:
- Adobe Flash Player 8.0.34.0
- Adobe Flash Player 9.0.28.0
- Adobe Flash Player 9.0.31.0
- Adobe Flash Player 9.0.45.0
- Adobe Flash Player 9.0.47.0
- Adobe Flash Player 9.0.48.0
- Gentoo Linux
- Nortel Networks Media Processing Svr 1000 Rel 3.0
- Nortel Networks Peri Application
- Nortel Networks Peri Workstation
- Nortel Networks Self-Service - CCSS7
- RedHat Enterprise Linux Desktop Supplementary 5 client
- RedHat Enterprise Linux Extras 3
- RedHat Enterprise Linux Extras 4
- RedHat Enterprise Linux Extras 4.5.z
- RedHat Enterprise Linux Extras 4.6.z
- RedHat Enterprise Linux Supplementary 5 server
- S.u.S.E. Linux Personal 10.1
- S.u.S.E. Linux Professional 10.1
- S.u.S.E. Novell Linux Desktop 9.0.0
- S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
- S.u.S.E. openSUSE 10.2
- S.u.S.E. openSUSE 10.3
- Sun OpenSolaris build snv_88
- Sun Solaris 10.0
- Sun Solaris 10.0_x86
- Turbolinux FUJI
- Turbolinux wizpy
References:
- Adobe: APSA07-06 - Vulnerabilities in some SWF files could allow cross-site scripting
- Adobe: APSB07-20 Flash Player update available to address security vulnerabilities
- Adobe: APSB08-01 - Update to Dreamweaver and Contribute to address potential cross-site
- Adobe: APSB08-02 - Update available for Adobe Connect Enterprise Server cross-site scri
- Adobe: Adobe Flash Homepage
- InformAction: NoScript Homepage
- Nortel Networks: Nortel Response to Sun Alert 238305 - Multiple Security Vulnerabilities in Flash
- Red Hat: RHSA-2007:1126-8 - flash-plugin security update
- Sun Microsystems: Solution 238305: Multiple Security Vulnerabilities in Flash Player for Solaris
- US-CERT: Vulnerability Note VU#758769
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
