SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Multimedia)  >   Adobe Flash Player Vendors:   Macromedia
Macromedia Flash Player Lets Malicious Flash Media Files Execute Scripts on the User's Host Without Requiring User Approval
SecurityTracker Alert ID:  1003189
SecurityTracker URL:  http://securitytracker.com/id/1003189
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 11 2002
Impact:   Execution of arbitrary code via network
Vendor Confirmed:  Yes  
Version(s): 5.0 and above
Description:   A vulnerability was reported in Macromedia's stand-alone Flash Player for Windows. A remote user can create malicious content that, when executed by a user, will cause a malicious script to run on the user's host.

Sophos Anti-Virus reported that Macromedia Flash Player will run scripts on the user's host without requiring user approval to execute the script. This reportedly only affects the stand-alone Flash Player or Projector that is installed with the Macromedia Flash authoring product and does not affect web-browser based Flash plug-ins.

Impact:   A remote user can create and distribute a malicious Flash media file that, when loaded into a user's stand-alone Flash Player or Projector, will execute a script containing malicious code.
Solution:   The vendor is reportedly working on a fix. For more information on the pending patch, see:

http://www.macromedia.com/support/flash/

As a workaround, the vendor recommends removing the file associations on your operating system between SWF files and the Flash Player. The vendor has released a utility to perform this (SWF Clear Utility), available at:

http://download.macromedia.com/pub/flash/utility/swf_clear_utility.zip

According to the vendor, "This utility removes file type associations for the SWF file format. The result is that opening any SWF file will cause the operating system to prompt you to indicate which program to open the file with. Subsequently, if you receive this prompt when attempting to open a SWF file, cancel the procedure and do not open the file to ensure greatest security. Note: Reinstalling the Flash application will re-associate the file type. If you need to reinstall Flash, run the SWF Clear Utility again for maximum security."

Vendor URL:  www.macromedia.com/support/flash/ts/documents/swf_clear.htm (Links to External Site)
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Shockwave Flash player issue




Macromedia was recently informed of a potential 
issue with the standalone Macromedia Flash Player 
running on Microsoft Windows. This issue does not 
affect web content viewed in a browser. 

After testing by both Macromedia and Sophos Anti-
virus, the company who initially reported this potential 
issue, Macromedia has found that this issue can only 
affect content that is sent via email or downloaded 
from a site and then run outside a browser. 

In either case, the content must be run in a 
Macromedia stand-alone Flash Player or associated 
Projector executable to represent a risk. This player 
is not installed by any browser installation, and is only 
installed with the Macromedia Flash authoring 
product. 

Macromedia appreciates the work of Sophos in 
reporting this potential issue, and will be issuing a 
patch later this week; a fix will also be included in 
future versions of the product. 

For more information on the patch please visit: 
http://www.macromedia.com/support/flash/. 

Macromedia will continue to take potential security 
issues very seriously. Security issues concering the 
Macromedia Flash player may be mailed to 
flashplayer_security@macromedia.com. 

Pete Santangeli,  Vice President of Engineering, 
Macromedia Inc.

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC