Reference: CERT-EU Security Advisory 2011-0027
Title: Unspecified vulnerability in Adobe Flash Player 11.1.102.55 [1][2]

Version history:
09.12.2011 Initial publication

Summary
=======
Adobe Flash Player 11.1.102.55 on Windows and Mac OS X is prone to remote attacks by execution of arbitrary code via a crafted SWF file.

CVE-2011-4693
CVE-2011-4694

Severity Level[3]:
CVSS2 Base       9.3
Remote           Yes
Local            No
Credibility      Vendor Not Confirmed
Ease             Exploit Available
Authentication   Not Required

Potential impact
================
An attacker can craft a special SWF file which, when loaded by the target user, will execute arbitrary code on the target system.

1. An attacker crafts a malicious file to leverage this problem.
2. The attacker may use email or other means to distribute the malicious file and to entice an unsuspecting user to open it.
3. When the file is processed, the attacker's code runs with the target user's privileges.

Vulnerable Systems
==================
Among others:
Operating Systems which run Flash Player

What can you do?
================
Solutions:
At the time of writing we are not aware of any vendor-supplied patches. We shall send an update when we are aware that any patches have been released. If you feel that this is not correct or if you are aware of more recent information please share with us.

Workarounds:
Do not accept or execute files that originate from unfamiliar or untrusted sources.
Exercise caution and be wary of links to sites that are provided by unfamiliar or suspicious sources.
Implement memory-protection schemes, such as non-executable stack/heap configurations and randomly mapped memory segments, as these may mitigate the risk by complicating exploits of memory-corruption vulnerabilities.
Ensure minimal access rights are granted when running software.
Monitor network traffic for signs of anomalous or suspicious activities.

What to tell your users?
========================
Normal security best practices apply. Especially, inform your Web users to be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Users should be aware not to click on links in suspicious emails and should immediately forward any suspicious email to the respective IT security officer / contact in your institution.

More information
================
[1] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4693
[2] https://www.redhat.com/security/data/cve/CVE-2011-4694.html
[3] CVSS details:
CVSS Version 2 Scores
CVSS2 Base             9.3
CVSS2 Temporal         Undefined
CVSS2 Base Vector      AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS2 Temporal Vector  Undefined
More information about CVSS is available at: http://www.first.org/cvss/cvss-guide.html

Best regards,
CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383