Zero-Day Advisory
Fortinet Discovers Adobe Flash Player Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Flash Player.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Adobe.Flash.Player.NPSWF32.dll.Tag.Parsing.Memory.Corruption [previous name: FG-VD-12-016-Adobe]
Released May 31, 2012
Users should apply the solution provided by Adobe.
Additional Information
The vulnerability can be triggered when opening a maliciously crafted swf file containing a malformed field. It could allow an attacker to execute arbitrary code on the affected system.
Acknowledgement
Xu Liu of Fortinet's FortiGuard Labs