Fortinet Discovers Adobe Flash Player Vulnerability
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Flash Player.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Adobe.Flash.Player.AS3.Trait.Type.Memory.Corruption [previous name: FG-VD-11-012-Adobe]
Released Sep 20, 2011
Users should apply the solution provided by Adobe.
The vulnerability exists due to insufficient sanitization of a function parameter in Adobe AVM2. Remote attackers can exploit this vulnerability to execute arbitrary code by enticing victims to open a crafted Flash file.
Bing Liu of Fortinet's FortiGuard Labs