Published: 2008-05-31T15:09+00:00
Last Updated: 2008-05-31T15:09+00:00
TRTA08-149A
Exploitation of Adobe Flash Vulnerability
Overview
A vulnerability that affects Adobe Flash Player 9 is being actively exploited to install malicious software.
Event Information
| Date (UTC) | Description |
| 2008-05-29 19:13 |
F-Secure Inside a Malicious Flash File F-Secure Weblog : News from the Lab The lab has been receiving lots of malicious flash files lately. Most of the flash files that we've received have obfuscated shellcodes. |
| 2008-05-29 16:28 |
Adobe More information on recent Flash Player exploit Adobe Product Security Incident Response Team (PSIRT) Here's some more information about the recent reports of Flash Player exploits in the wild that may help answer some of the questions we've been seeing: |
| 2008-05-29 15:33 |
IBM Internet Security Systems AlertCon (2) => (1) Active Exploitation - Adobe Flash Player RCE: Several reports have stated that a zero-day Flash vulnerability is being exploited through several Chinese hacker websites. |
| 2008-05-29 12:36 |
Symantec ThreatCON (2) => (1) A recently discovered vulnerability affecting Adobe Flash Player is being leveraged in the wild. Avoid untrusted sites and install Flash 9.0.124.0 immediately. |
| 2008-05-29 01:15 |
JPCERT/CC JPCERT-AT-2008-0009: Vulnerability in Adobe Flash Player |
| 2008-05-28 22:03 |
US-CERT TA08-149A: Exploitation of Adobe Flash Vulnerability Technical Cyber Security Alert published |
| 2008-05-28 17:16 |
SANS Internet Storm Center Another example of malicious SWF Handler's Diary A new variant on the theme of SWF files being found in the wild. This ones uses encoded VBScript to deliver. A google search for www.chliyi.com gives us over 5,000 hits! The likely method of getting the malcious scripts on these web servers is SQL injection, check your code regularly. |
| 2008-05-28 17:16 |
F-Secure Flash w/ SQL F-Secure Weblog : News from the Lab There are reports of a critical vulnerability affecting current versions of Adobe Flash and evidence of it being exploited in the wild. Versions including and previous to 9.0.124.0 are reported to be at risk. |
| 2008-05-28 16:57 |
SANS Internet Storm Center Followup to Flash/swf stories (Version: 2) Handler's Diary We've received quite a bit of mail about our stories yesterday about the malicious SWF files attempting to exploit older versions of the Adobe Flash player. |
| 2008-05-28 15:55 |
McAfee Flash Player Exploit Update 2 Computer Security Research - McAfee Avert Labs Blog Last night our researchers identified similarities between the recent Adobe Flash exploits and a known (patched) vulnerability: CVE-2007-0071. |
| 2008-05-28 11:09 |
Adobe Potential Flash Player issue - update Adobe Product Security Incident Response Team (PSIRT) Here's an update on our progress investigating the recent reports of a potential Flash Player exploit in the wild. The exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). |
| 2008-05-28 05:14 |
JPCERT/CC JPCERT-AT-2008-0009: Zero-day vulnerability in Adobe Flash Player |
| 2008-05-28 04:02 |
Trend Micro Flash Bugs Exploited in Latest Mass Compromise TrendLabs | Malware Blog - by Trend Micro |
| 2008-05-28 |
Trend Micro SWF_DLOADER.YVN Code execution vulnerability (CVE-2007-0071) |
| 2008-05-28 |
Trend Micro SWF_DLOADER.YVM Code execution vulnerability (CVE-2007-0071) |
| 2008-05-28 |
Trend Micro SWF_DLOADER.ZTS Code execution vulnerability (CVE-2007-0071) |
| 2008-05-27 22:44 |
US-CERT Adobe Flash Player Vulnerability US-CERT Current Activity US-CERT is aware of public reports of a vulnerability in Adobe Flash Player. By convincing a user to open a specially crafted Flash file, a remote, unauthenticated attacker may be able to execute arbitrary code. Public reports indicate that this vulnerability is being actively exploited. |
| 2008-05-27 20:34 |
Symantec ThreatCON (1) => (2) A previously unknown and unpatched (zero-day) vulnerability affecting Adobe Flash Player has been discovered in the wild. Avoid untrusted sites and disable Flash until patches are available. |
| 2008-05-27 19:52 |
McAfee Flash Player Exploit Update Computer Security Research - McAfee Avert Labs Blog Here's a quick update to the earlier post on a new unpatched Adobe Flash vulnerability. Through looking for sites serving these SWF exploits we've found a connection with recent mass hacks. |
| 2008-05-27 18:46 |
SANS Internet Storm Center Malicious swf files? (Version: 2) Handler's Diary A potentially malicious site found |
| 2008-05-27 18:12 |
SANS Internet Storm Center Adobe flash player vuln (Version: 2) Handler's Diary A vulnerability has been reported in Adobe Flash Player versions 9.0.124.0 and older, which is the current version available for download now. Adobe has not yet released a patch nor an official advisory. |
| 2008-05-27 11:05 |
Adobe Potential Flash Player issue Adobe Product Security Incident Response Team (PSIRT) Just a quick note to say we are aware of today's report of a potential exploit involving Flash Player in the wild. We are working with Symantec to investigate the potential SWF vulnerability, and will have an update once we get more information. |
| 2008-05-27 09:58 |
Shadowserver When Adobe Flash Attacks Here's an update on our progress investigating the recent reports of a potential Flash Player exploit in the wild. The exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). |
| 2008-05-27 |
Symantec Trojan.Emifie Code execution vulnerability (CVE-2007-0071) |
| 2008-04-08 |
Adobe APSB08-11: Flash Player update available to address security vulnerabilities The newest version 9.0.124.0 Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. It is recommended users update to the most current version of Flash Player available for their operating system. |
Other Information
| CVE |
CVE-2007-0071 |