Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43440
  • Total Topics: 16532
  • Online today: 3066
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3058
Total: 3060









Author Topic: A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerabili  (Read 2668 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerability

On October 12, McAfee Labs learned of proof-of-concept code exploiting a newly patched Flash Player vulnerability. Adobe had patched this vulnerability in its latest security update on October 8. Our research team rapidly responded to this threat with an in-depth analysis of the root cause and the degree of exploitability.

This specific vulnerability occurred due to a coding fault in Adobe’s ActionScript virtual machine (a.k.a. The Tamarin Project). Specifically, it lies in the way that AVM2 verifies the opcode OP_inclocal or OP_declocal. A checking logic step was mistakenly disabled by a macro. As a result, a U30 parameter was used directly without a bounds check, which leads to various code execution situations.

We assess the threat, CVE-2012-5271, by the following:

•The root cause is quite simple. It’s in the core of the AVM (verification), so every platform’s Flash Player (such as the built-in Flash Player on Chrome and Windows 8 ) is affected.

•AVM is a scriptable virtual machine. Because the coding fault lies in its core verification process, attackers may have many opportunities to develop a working exploit.

We strongly suggest users update their Flash Players as soon as possible. For McAfee customers, a User Defined Signature was released late on Friday, Oct 12 to deliver our protections. The signature name is “UDS-HTTP: Adobe Flash Player ActionScript Opcode OP_inclocal and OP_declocal Verifying Code Execution Vulnerability.”

McAfee Labs will continue to monitor the threat of this vulnerability.
 

I’d like thank my colleagues Yichong Lin, Bing Sun, XiaoBo Chen, and Chong Xu for their collaboration on this analysis.

Orginal Article: Monday, October 15, 2012 at 8:42pm by Haifei Li
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info


Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
...

We strongly suggest users update their Flash Players as soon as possible.

...

Thanks for the heads up pal. :thumbsup:

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023