Message-ID: <003401cdeac6$89cdc300$9b7a6fd5@pc>
Date: Fri, 4 Jan 2013 23:56:21 +0200
From: "MustLive" <mustlive@...security.com.ua>
To: <submissions@...ketstormsecurity.org>, <full-disclosure@...ts.grok.org.uk>
Subject: DoS vulnerability in Flash player (access violation)

Hello list!

I want to warn you about a Denial of Service vulnerability in the Flash player 
plugin for browsers. I found this vulnerability in June (11.06.2011). 
At that time I wrote about this built-in DoS in the new version of Flash player 
as a "surprise" from Adobe (for owners of old browsers, because in new 
browsers it worked well).

When in December 2011 I had a conversation with Adobe concerning different 
vulnerabilities in their software, I reminded them about that built-in DoS 
in Flash. I stated that it was intentionally made by Adobe (to drop support 
of old browsers), but Adobe PSIRT declined the possibility of such a DoS. So I 
made videos for them (with normal work of the plugin and its crash in the browser) 
and after viewing the videos, PSIRT confirmed that Adobe really dropped 
support of old browsers. So it's intended behavior - to DoS a browser at 
every flash-file (it can be even a blank swf-file). In December 2012 I 
uploaded the video (with crash) to YouTube.

-------------------------
Affected products:
-------------------------

Vulnerable are Flash 10.3 (and potentially 10.1 and 10.2) and later versions.

Tested in the following versions of the Flash plugin: Flash 10.0 r42 (works fine), Flash 
10.3 r183 (crashes). Version 10.3 r183 can be seen in the video. Some time 
ago I also checked it in version 11.4 r402 and it works the same as in 10.3 
r183.

----------
Details:
----------

DoS:

This is a Denial of Service vulnerability and it's memory corruption (access 
violation).

Video:

http://www.youtube.com/watch?v=3W_5jb17Aus

The attack works in old versions of browsers (particularly on the Gecko engine). The 
browser with Flash 10.3 and later versions crashes (at direct view of a 
swf-file or a web page with an embedded flash-file). This happens due to Adobe 
stopping support of old versions of browsers (in NPAPI versions of Flash 
player).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
