CVE-2012-0758 Adobe Shockwave Player Parsing cupt atom heap overflow
2012-02-15 20:06
671 查看
Discover: instruder of code audit labs of vulnhunt.com
CAL: CAL-2011-0071
CVE: CVE-2012-0758
=================
adobe shockwave 11.6.3.633
adobe Shockwave 11.6.1.629 and prior
=====================
When adobe shockwave player parsing a dir type file,
it takes a dword from the dir file,and then take some
Computing this computing will leding to Integer overflow,
allocate a small memory,this Cause a heap overflow.
=========
asm in dirapi.dll 11.6.1.629
c code like
==================
============
Successfully exploited this vulnerability could lead to arbitrary code execution.
===============
=====================
Code Audit Labs secure your software,provide Professional include source
code audit and binary code audit service.
Code Audit Labs:” You create value for customer,We protect your value”
http://www.VulnHunt.com http://blog.vulnhunt.com http://t.qq.com/vulnhunt http://weibo.com/vulnhunt
CAL: CAL-2011-0071
CVE: CVE-2012-0758
1 Affected Products
=================adobe shockwave 11.6.3.633
adobe Shockwave 11.6.1.629 and prior
2 Vulnerability Details
=====================When adobe shockwave player parsing a dir type file,
it takes a dword from the dir file,and then take some
Computing this computing will leding to Integer overflow,
allocate a small memory,this Cause a heap overflow.
3 Analysis
=========asm in dirapi.dll 11.6.1.629
==================
4 Exploitable?
============Successfully exploited this vulnerability could lead to arbitrary code execution.
5 Crash info:
===============
6 About Code Audit Labs:
=====================Code Audit Labs secure your software,provide Professional include source
code audit and binary code audit service.
Code Audit Labs:” You create value for customer,We protect your value”
http://www.VulnHunt.com http://blog.vulnhunt.com http://t.qq.com/vulnhunt http://weibo.com/vulnhunt
相关文章推荐
- CVE-2012-0759 Adobe Shockwave Player Director File Parsing KEY ATOM Pointer Overwrite
- CVE-2011-2446 Adobe Shockwave Player Director File Parsing PAMM memory corruption vulnerability
- CVE-2011-2448 Adobe ShockwaveDirector File Parsing data of rcsl chunk multiple DOS vulnerabilities
- Adobe Flash Player CVE-2012-0779漏洞技术分析
- Adobe Flash Player CVE-2012-0779漏洞技术分析
- CVE-2012-0003 Microsoft Windows Media Player ‘winmm.dll’ MIDI文件解析远程代码执行漏洞 分析
- Windows Server 2012 R2 IE浏览器安(qi)装(yong)Adobe Flash Player
- Adobe Flash Player 安全限制绕过安全漏洞(CVE-2018-12825)
- Windows Media Player BMP Heap Overflow (MS06-005)
- Adobe Shockwave Player v10.2.0.022 下载
- Adobe PDF LibTiff Integer Overflow CVE-2010-0188分析
- Windows Server 2012 R2 安装 Adobe Flash Player
- Chrome Adobe flash player已过期怎么办
- Flash Builder 找不到所需的Adobe flash player调试器版本
- Embed Adobe Flash Player in Web
- MAC chrome浏览器 "adobe flash player不是最新版本提示" 的解决方案
- Debian下安装Adobe Flash Player
- Ubuntu15.04上为火狐浏览器安装Adobe Flash Player插件