HTTP: Adobe Flash Player for Linux ActionScript ASnative Command Execution
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary command execution.
Extended Description
Adobe Flash Player is prone to a remote command-execution vulnerability due to a failure to validate user supplied input to an internal function. Remote attackers may exploit this vulnerability to compromise an affected computer. This issue affects Flash Player on Linux platforms. Versions prior to Flash Player 10.0.15.3 and 9.0.152.0 are vulnerable.
Affected Products
Pardus linux_2007,Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:ADOBE:SWF-LINUX-AS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ASnative ActionScript Adobe CVE-2008-5499 Command Execution Flash Linux Player bid:32896 for
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3700
False Positive
Unknown
Vendors
Red_hat
Adobe
Gentoo
Turbolinux
Pardus
Suse
CVSS Score
9.3