APP: Adobe Flash Player RTMP Use-After-Free (CVE-2014-0551)

This signature detects an attempt to exploit a Use-After-Free vulnerability in Adobe Flash Player while parsing a specially crafted RTMP streaming data. Successful exploitation could allow an attacker to access the program memory contents and cause arbitrary code execution into the context of the running application.

Extended Description

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555.

Affected Products

Adobe adobe_air_sdk

References

CVE: CVE-2014-0551

Short Name
APP:MISC:ADOBE-RTMP-UAF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
(CVE-2014-0551) Adobe CVE-2014-0551 Flash Player RTMP Use-After-Free
Release Date
10/06/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
Port
TCP/1935
False Positive
Unknown
Vendors

Adobe

CVSS Score

10.0

Found a potential security threat?