Zero-day vulnerabilities discovered: 6
Stack-based buffer overflow
The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability was discovered by the researcher ‘bilou’, who reported the bug through HP’s Zero Day Initiative (ZDI).
The vulnerability has been used in a watering hole attack against US Defense and Financial Services firms, where the exploit was hosted on the compromised Forbes.com website.
Software: Adobe Flash Player
Known/famous malware:
Trojan.Win32.Bergard.A.
Links:
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
https://www.symantec.com/security_response/writeup.jsp?docid=2015-011509-4745-99
http://www.securityweek.com/adobe-patches-flash-player-vulnerability-exploited-wild
http://news.softpedia.com/news/Chinese-Hackers-Target-Forbes-com-In-Watering-Hole-Attack-472871.shtm...
http://www.cso.com.au/article/562228/adobe-patches-flash-zero-day-under-attack/
http://blog.malcovery.com/forbes.com-adobe-flash-player-and-your-email
http://securityaffairs.co/wordpress/33417/cyber-crime/chinese-hackers-hit-forbes.html
https://arstechnica.com/security/2015/02/pwned-in-7-seconds-hackers-use-flash-and-ie-to-target-forbe...
Use-after-free error
The vulnerability allows a remote attacker to execute arbitrary code on the target system. An Adobe Flash vulnerability was discovered in October and promptly patched. The exploits in the Nuclear and Angler kits were detected by the French researcher Kafeine shortly after the company released an update on Oct. 14. Despite a patch on October 14, 2014, the vulnerability was not completely mitigated. The vulnerability was patched again on November 25.
Software: Adobe Flash Player
Known/famous malware:
Troj/SWFExp-CD.
Exploit kits: Angler, Nuclear, and Astrum.
Links:
https://helpx.adobe.com/security/products/flash-player/apsb14-22.html
https://helpx.adobe.com/security/products/flash-player/apsb14-26.html
https://blogs.technet.microsoft.com/mmpc/2014/12/02/an-interesting-case-of-the-cve-2014-8439-exploit...
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2014-8439-vulnerability-trend-micro-s...
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2014-8439-vulnerability-trend-micro-s...
https://www.fireeye.com/blog/threat-research/2015/01/a_different_exploit.html
https://nakedsecurity.sophos.com/2014/11/28/adobe-publishes-out-of-band-flash-update-booster-dose-fo...
http://www.pcworld.com/article/2852412/adobe-tries-again-to-fix-flash-vulnerability.html
http://www.techtimes.com/articles/20976/20141126/adobe-releases-patch-to-re-fix-flash-player-vulnera...
Security bypass
The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability was discovered by Costin Raiu and Vitaly Kamluk of Kaspersky Labs.
Exploited by the Animal Farm group.
Software: Adobe Reader
Links:
https://helpx.adobe.com/security/products/reader/apsb14-19.html
https://www.symantec.com/security_response/vulnerability.jsp?bid=69193
https://www.symantec.com/security_response/writeup.jsp?docid=2014-082218-1438-99
http://securityaffairs.co/wordpress/27535/cyber-crime/cve-2014-0546-adobe-flaw.html
http://zerosecurity.org/2014/08/cve-2014-0546-found-utilized-small-targeted-attacks
http://www.securityweek.com/adobe-patches-security-flaw-leveraged-targeted-attacks
https://heatsoftware.com/blog/9286/urgent-adobe-users-told-to-patch-reader-and-acrobat-against-zero-...
http://www.burningflameinteractive.com/aj-burning-flame-blog/adobe-patches-zero-day-vulnerability
Buffer overflow
The vulnerability allows a remote attacker to execute arbitrary code on the target system. A sample of the first exploit was detected on April 14, while a sample of the second came on April 16. The first exploit was initially recorded by KSN on April 9, when it was detected by a generic heuristic signature.
The disclosed vulnerability was actively exploited and relates to an attack via the website of the Syrian Ministry of Justice in September 2013.
Software: Adobe Flash Player
Known/famous malware:
Exploit:SWF/CVE-2014-0515
Links:
https://helpx.adobe.com/security/products/flash-player/apsb14-13.html
https://securelist.com/blog/incidents/59399/new-flash-player-0-day-cve-2014-0515-used-in-watering-ho...
http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2014-0515-the-recent-flash-...
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=27555
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=27552
https://www.zscaler.com/blogs/research/nuclear-exploit-kit-and-flash-cve-2014-0515
http://54.204.81.18/news/stories/39397-blog-new-flash-player-0-day-cve-2014-0515-used-in-watering-ho...
http://www.securityweek.com/adobe-patches-flash-player-zero-day-used-watering-hole-attacks
https://krebsonsecurity.com/2014/04/adobe-update-nixes-flash-player-zero-day/#more-25786
Double free
The vulnerability allows a remote attacker to execute arbitrary code on the target system. Wen Guanxing of Venustech, the Google Security Team and FireEye worked on the vulnerability.
FireEye dubbed the attack exploiting the vulnerability "Operation GreedyWonk".
The vulnerability was exploited to compromise sites of:
Software: Adobe Flash Player
Known/famous malware:
Elderwood exploit kit.
Links:
https://helpx.adobe.com/security/products/flash-player/apsb14-07.html
https://www.alienvault.com/blogs/labs-research/analysis-of-an-attack-exploiting-the-adobe-zero-day-c...
https://www.trustwave.com/Resources/SpiderLabs-Blog/Deep-Analysis-of-CVE-2014-0502-%E2%80%93-A-Doubl...
https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=655
https://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html
https://blog.threattrack.com/adobe-exploit-cve-2014-0502/
http://www.benhayak.com/2014/05/deep-analysis-of-cve-2014-0502-double.html
http://www.welivesecurity.com/2014/10/31/two-recently-patched-adobe-flash-vulnerabilities-now-used-e...
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=27443
http://www.theregister.co.uk/2014/02/20/flash_adobe_posts_emergency_fix/
https://nakedsecurity.sophos.com/2014/02/21/adobe-pushes-out-critical-flash-update-second-zero-day-h...
http://dailyleet.com/how-the-elderwood-platform-is-fueling-2014s-zero-day-attacks/
https://www.scmagazineuk.com/chinese-spies-launch-new-adobe-zero-day-attack/article/541288/
http://arstechnica.com/security/2014/02/adobe-releases-emergency-flash-update-amid-new-zero-day-driv...
Integer underflow
The vulnerability allows a remote attacker to execute arbitrary code on the target system. Exploited by the DarkHotel APT.
The vulnerability survived for 84 days after an update in November 2013.
Software: Adobe Flash Player
Links:
https://helpx.adobe.com/security/products/flash-player/apsb14-04.html
https://securingtomorrow.mcafee.com/mcafee-labs/flash-zero-day-vulnerability-cve-2014-0497-lasts-84-...
https://blogs.technet.microsoft.com/mmpc/2014/02/17/a-journey-to-cve-2014-0497-exploit/
https://www.fireeye.com/blog/threat-research/2015/03/flash_in_2015.html
http://securityaffairs.co/wordpress/21937/cyber-crime/adobe-flash-player-fixed.html
https://business.kaspersky.com/darkhotel-hackingteam/4357/