Zero-Day Advisory
Fortinet Discovers Adobe Flash Player DoABC Traits Handling Memory Corruption Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Flash Player.Adobe Flash Player is a freeware for using content created on the Adobe Flash platform, including viewing multimedia, executing rich Internet applications, and streaming video and audio. Flash Player can run from a web browser as a browser plug-in or on supported mobile devices.Flash Player has a wide user base, and is a common format for games, animations, and GUIs embedded into web pages. More than 400 million Internet-enabled computers have Flash Player installed.
A memory corruption vulnerability exists in Adobe Flash Player. This vulnerability is caused due to insufficient validation when handling Traits structure.It may lead to an unexpected application termination or arbitrary code execution.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Adobe.Flash.Player.DoABC.Traits.Handling.Memory.Corruption
Released Jul 07, 2015
Users should apply the solution provided by Adobe.