History

Welcome to the Flash malware discussion wiki.

Types of Attack Patterns

In this section, we want to document the types of attack patterns that need to be countered, hopefully arriving at some consistent classification at some point in time.

Known Vulnerabilities

This section documents known vulnerabilities in Flash that should be of concern to Blitzableiter

  • Adobe Shockwave Player Director File SetVertexArray Remote Code Execution Vulnerability (CVE-2010-4090)
  • Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability (CVE-2010-2168)
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-1297). There are reports that this issue is being actively exploited in the wild. (The exploit is available here)
  • a memory exhaustion vulnerability that could lead to code execution (CVE-2009-3793).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2160).
  • an indexing vulnerability that could lead to code execution (CVE-2010-2161).
  • a heap corruption vulnerability that could lead to code execution (CVE-2010-2162).
  • multiple vulnerabilities that could lead to code execution (CVE-2010-2163).
  • a use after free vulnerability that could lead to code execution (CVE-2010-2164).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2165).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2166).
  • multiple heap overflow vulnerabilities that could lead to code execution (CVE-2010-2167) (VUPEN, GIF/JPEG parsing overflows)
  • a pointer memory corruption that could lead to code execution (CVE-2010-2169).
  • an integer overflow vulnerability that could lead to code execution (CVE-2010-2170).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2171).
  • a denial of service issue on some UNIX platforms (Flash Player 9 only) (CVE-2010-2172).
  • an invalid pointer vulnerability that could lead to code execution (CVE-2010-2173).
  • an invalid pointer vulnerability that could lead to code execution (CVE-2010-2174).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2175).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2176).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2177).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2178).
  • a URL parsing vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only) (CVE-2010-2179).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2180).
  • an integer overflow vulnerability that could lead to code execution (CVE-2010-2181).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2182).
  • a integer overflow vulnerability that could lead to code execution (CVE-2010-2183).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2184).
  • a buffer overflow vulnerability that could lead to code execution (CVE-2010-2185).
  • a denial of service vulnerability that can cause the application to crash. Arbitrary code execution has not been demonstrated, but may be possible. (CVE-2010-2186).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2187).
  • Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability (CVE-2010-2188).
  • a memory corruption vulnerability that could lead to code execution (CVE-2010-2189).

Findings

In the different finding sections, we are looking at things that the Flash Player does that could become attacks in the future.

Also available in: HTML TXT