HTTP: Adobe Flash Player SWF File MP4 Data Parsing Memory Corruption

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Extended Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.

Affected Products

Adobe air

References

BugTraq: 40801

CVE: CVE-2010-2162

Short Name
HTTP:STC:ADOBE:FLASH-PLY-MP4-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe CVE-2010-2162 Corruption Data File Flash MP4 Memory Parsing Player SWF bid:40801
Release Date
10/20/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Macromedia

Adobe

CVSS Score

9.3

Found a potential security threat?