Adobe Flash Professional <= 11.5.1.349 JPG Object Dimension Memory Allocation FLA File Handling Remote Overflow (APSB12-12)

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has a multimedia authoring application that
is affected by a code execution vulnerability.

Description :

According to its version, at least one instance of Adobe Flash
Professional on the remote Windows host is less than or equal to
11.5.1.349. It is, therefore, reportedly affected by an integer
overflow error in Flash.exe when allocating memory to process a JPG
object using its image dimensions.

See also :

http://www.adobe.com/support/security/bulletins/apsb12-12.html

Solution :

Upgrade to Adobe Flash Professional CS5 11.5.2.349, Flash
Professional CS6, or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 59176 ()

Bugtraq ID: 53419

CVE ID: CVE-2012-0778

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now