#15 Flash buffer overflow

[robwahl]

There is a buffer overflow in the C# windows forms which is caused by flash. This error was found by bcheck software. The software was said to attempt to overwrite protected memory. Stacktrace at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG & msg) line 18

Scanit. The Security Company
About Browser Test

* Browser test home
* Feedback
* Browser test FAQ
* What vulnerabilities we test
* Test statistics
* Help! My browser is hijacked
* Get notified about new tests
* Old browser test
* Add browser test to your site

Current test status

* Passed Internet Explorer bait & switch race condition - passed
* Passed Internet Explorer createTextRange arbitrary code execution - passed
* Passed Windows MDAC ADODB ActiveX control invalid length - passed
* Failed Adobe Flash Player video file parsing integer overflow - failed. More information
* Untested XMLDOM substringData() heap overflow - not tested yet.
* Untested Apple QuickTime MOV file JVTCompEncodeFrame heap overflow - not tested yet.

Continue the test.
Detailed Vulnerability Information
Adobe Flash Player video file parsing integer overflow (CVE-2007-3456)
Description
Adobe Flash Player is a browser extension that plays Flash movies. By using a specially crafted "flv" video it's possible to trigger an integer overflow inside Adobe Flash interpreter which could lead to client/browser-plugin crash, arbitrary code execution or system denial of service.

This is an arbitrary code execution vulnerability. It means that it can be used to place a backdoor, a virus or spyware on a vulnerable computer.
Recommendations
This problem was fixed in version 9.0.47.0 on Windows, MacOS and Solaris and in version 9.0.48.0 on Linux. Adobe recommends all users of Adobe Flash Player 9.0.45.0 and earlier versions upgrade to the latest available version. The latest version of Adobe Flash player can be downloaded from the Player Download Center, or by using the auto-update mechanism within the product when prompted.

For customers who cannot upgrade to Adobe Flash Player 9, Adobe has developed a patched version of Flash Player 7. Please refer to the Flash Player update TechNote.

To determine what version of Adobe Flash Player you have go to Version test for Adobe Flash Player page.
References

* Adobe security bulletin. Flash Player update available to address security vulnerabilities
* Minded Security Labs: Advisory #MSA01110707. Flash Player/Plugin Video file parsing Remote Code Execution
* Adobe Flash Player Download Center
* Version test for Adobe Flash Player

XMLDOM substringstringData() heap overflow vulnerability test causes visual studio unhanded exception. Expected '{' occurred in Triap.exe [780]