Adobe.Flash.Player.SWF.Version.Null.Pointer.Dereference.DoS
Description
This indicates an attack attempt against a denial-of-service vulnerability in Adobe Flash Player.
The vulnerability is caused by an error when the vulnerable software handles two responses for the same HTTP request, which includes SWF files with different version numbers. It allows a remote attacker to crash the vulnerable software via sending two crafted HTTP responses.
Affected Products
Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris
Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Refer to the vendor's web site for the suggested workaround:
http://www.adobe.com/support/security/bulletins/apsb10-14.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |