Zero-day vulnerability in Adobe Flash Player

Type Confusion
CVE-2012-0779

This vulnerability has been exploited in the wild as part of the "World Uyghur Congress Invitation.doc" e-mail attack.

Known malware:

TROJ_SCRIPBRID.A; backdoor BKDR_INJECT.EVL.

Vulnerability details

Advisory: SB2012050401 - Remote code execution in Adobe Flash Player

Vulnerable component: Adobe Flash Player

CVE-ID: CVE-2012-0779

CVSSv3 vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Description:

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an object type confusion error when processing .swf files. A remote attacker can create a specially crafted .swf file, trick the victim into opening it, and execute arbitrary code with the privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

Public Exploits: