HTTP: Adobe Flash Player Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.
Extended Description
Adobe Flash Player is prone to a remote code-execution vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the victim running the vulnerable application. Adobe Flash Player 9.0.45.0 and earlier, 8.0.34.0 and earlier, and 7.0.69.0 and earlier are affected.
Affected Products
Nintendo nintendo_wii,Suse linux_desktop
Short Name
HTTP:STC:ADOBE:FLASH-PLY-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe CVE-2007-3456 Code Execution Flash Player Remote bid:24856
Release Date
10/14/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3576
False Positive
Unknown
Vendors
Red_hat
Suse
Apple
Gentoo
Sun
Turbolinux
Foresight_linux
Macromedia
Nintendo
Adobe
CVSS Score
9.3