Zero-day vulnerabilities discovered: 3
Memory corruption
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The vulnerability was reported by Alexander Gavrun. The exploit was used by Aurora Group.
Software: Adobe Flash Player
Known/fameous malware:
Exploit:SWF/CVE-2012-1535.A.
Links:
https://lists.opensuse.org/opensuse-security-announce/2012-08/msg00010.html
http://www.adobe.com/support/security/bulletins/apsb12-18.html
https://blogs.technet.microsoft.com/mmpc/2012/08/28/a-technical-analysis-on-cve-2012-1535-adobe-flas...
https://www.symantec.com/connect/blogs/cve-2012-1535-adobe-flash-player-vulnerability-exploited-mult...
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25878
https://www.f-secure.com/en/web/labs_global/cve-2012-1535
http://contagiodump.blogspot.co.uk/2012/08/cve-2012-1535-samples-and-info.html
https://securingtomorrow.mcafee.com/mcafee-labs/adobe-flash-update-counters-cve-2012-1535/
http://blog.talosintel.com/2012/08/cve-2012-1535-flash-0-day-in-wild.html
http://www.digital4rensics.com/blog/2012/08/brief-osint-review-for-cve-2012-1535-attacks/
https://www.alienvault.com/blogs/labs-research/cve-2012-1535-adobe-flash-being-exploited-in-the-wild
http://www.ehackingnews.com/2012/08/cve-2012-1535-adobe-flash-player-exploit.html
http://thehackernews.com/2012/09/operation-aurora-other-zero-day-attacks.html
Type Confusion
The vulnerability allows a remote attacker to execute arbitrary code on the target system.This vulnerability has been exploited in the wild as part of the "World Uyghur Congress Invitation.doc" e-mail attack.
Software: Adobe Flash Player
Known/fameous malware:
TROJ_SCRIPBRID.A; backdoor BKDR_INJECT.EVL.
Links:
https://www.adobe.com/support/security/bulletins/apsb12-09.html
http://contagiodump.blogspot.com/2012/05/may-3-cve-2012-0779-world-uyghur.html
https://www.symantec.com/connect/blogs/targeted-attacks-using-confusion-cve-2012-0779
http://blog.trendmicro.com/trendlabs-security-intelligence/recent-threats-highlight-vulnerabilities-...
https://krebsonsecurity.com/2012/05/critical-flash-update-fixes-zero-day-flaw/
https://www.alienvault.com/blogs/labs-research/several-targeted-attacks-exploiting-adobe-flash-playe...
https://blogs.technet.microsoft.com/mmpc/2012/05/24/a-technical-analysis-of-adobe-flash-player-cve-2...
http://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-s...
https://www.reddit.com/r/netsec/comments/ta12k/several_targeted_attacks_exploiting_adobe_flash/
http://thehackernews.com/2012/09/operation-aurora-other-zero-day-attacks.html
http://www.securityweek.com/adobe-patches-zero-day-vulnerability-used-targeted-attacks
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25718
Cross-site scripting
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.The vulnerability was used to target Webmail accounts.
Software: Adobe Flash Player
Links:
https://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html
http://www.adobe.com/support/security/bulletins/apsb12-03.html
https://blog.fortinet.com/2012/02/17/fortinet-researchers-detect-eight-critical-adobe-flaws
https://www.cnet.com/forums/discussions/security-update-available-for-adobe-flash-player-apsb12-03-5...
http://www.zdnet.com/article/adobe-flash-player-xss-flaw-under-active-attack/
http://www.darkreading.com/attacks-breaches/flash-zero-day-used-in-targeted-email-attacks/d/d-id/113...
http://cert.europa.eu/static/SecurityAdvisories/CERT-EU-SA2012-0019.txt