| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <005e01cf0592$eec47410$9b7a6fd5@pc> Date: Mon, 30 Dec 2013 21:11:08 +0200 From: "MustLive" <mustliveua@...il.com> To: <submissions@...ketstormsecurity.org>, <full-disclosure@...ts.grok.org.uk> Subject: DoS vulnerability in Adobe Flash Player (BSOD) Hello list! At beginning of this year I informed you about DoS vulnerability in Adobe Flash. Look at advisory (http://seclists.org/fulldisclosure/2013/Apr/9) with exploit and video demonstration (http://www.youtube.com/watch?v=xi29KZ3LD80) of previous DoS in Flash. Adobe hiddenly fixed it in the patch APSB13-05 and answered that "a fix to another hole accidentally fixed this hole". And here is a new DoS. Which can be new hole or can be related to old one (if Adobe has resurrected old DoS hole in new versions of Flash). This is Denial of Service vulnerability in Adobe Flash, which leaded to BSOD. Last week I informed Adobe and Mozilla (since attack works only in Mozilla browsers). ------------------------- Affected products: ------------------------- Attack works only on AMD/ATI video cards. I checked it on multiple computers with Windows XP, Windows 7 and Ubuntu Linux 13.04. Vulnerable Adobe Flash 11.9.900.152 and 11.9.900.170 (the last version) for Windows and Flash 11.2.202.332 for Linux (the last version for this OS). On Linux there is 100% CPU consumption and on Windows (XP and 7) there is crash of the OS. ---------- Details: ---------- Denial of Service (WASC-10): This is Denial of Service vulnerability, which leads to crash of Operating System (tested on Windows XP and 7). As previous DoS hole, this one also works only with AMD/ATI video cards (and it works on different OS unlike previous DoS in Flash). Also it works potentially in any flash media player in Internet - at any web sites, including YouTube (it doesn't require swf file of VideoJS, as previous hole). This is memory corruption (access violation) vulnerability. Which can be used for BSOD and potentially for remote code execution. Here is video, which demonstrates this vulnerability in Flash: http://www.youtube.com/watch?v=-YgbPCq-dH0 In the video there is web site with JW Player (but freezing and/or crashing of the OS happens in any flash video players). Attack is going on a browser Firefox (on Windows XP freezing or BSOD can be from the first or not from the first time, 100% CPU consumption on Linux works all the time). In Mozilla Firefox 3.0.19, 10.0.7 ESR, 15.0.1 and 26 - freezing of the browser and BSOD of the OS. I have disclosed it at my site (http://websecurity.com.ua/6939/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists