Fortinet's FortiGuard Labs has discovered three memory corruption vulnerabilities in Adobe Flash, which allow a remote attacker to compromise a system through a malicious SWF file.
Impact:
Remote code execution.
Risk:
High
Affected Software:
For a list of affected software, please refer to the Adobe Security Bulletin reference below. Please note that other Adobe products (such as Reader / Acrobat) incorporate Flash, and may be vulnerable as well.
Additional Information:
Three memory corruption vulnerabilities were discovered in Adobe Flash, each of which is highlighted below:
Memory corruption in "Flash10d.ocx" (CVE-2010-2166)
Memory corruption in "Flash10e.ocx" (CVE-2010-2163)
Memory corruption through VMware Tools Service (CVE-2010-2189)
CVE-2010-2166 and CVE-2010-2163 are triggered when a SWF movie file is opened and rendered. A remote attacker could craft a malicious SWF file that exploits either of these vulnerabilities to compromise a system. CVE-2010-2189 is triggered through a special environment condition when a Flash movie is run under VMware and VMware Tools.