HighProventia Network IDS, IBM Security Host Protection for Desktops, Proventia Network IPS, RealSecure Server Sensor, RealSecure Network, Proventia-G 1.1 and earlier, IBM Security Host Protection for Servers (Windows), Proventia Network MFS, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware, IBM Security Host Protection for Servers (Unix):
This signature detects a specially crafted MP4 file that could cause an error in the sequenceParameterSetNALUnit component of Adobe Flash Player and allow remote code execution. The signature triggers when a certain value within the NAL Unit data exceeds pam.quicktime.set.nal.unit.limit (default 256)
High
Proventia Network IDS: XPU 32.021, IBM Security Host Protection for Desktops: 2735, Proventia Network IPS: XPU 32.021, RealSecure Server Sensor: XPU 32.021, RealSecure Network: XPU 32.021, Proventia-G 1.1 and earlier: XPU 32.021, IBM Security Host Protection for Servers (Windows): 2.1.14.2735, Proventia Network MFS: XPU 32.021, Proventia Server IPS for Linux technology: 32.021, Virtual Server Protection for Vmware: XPU 32.021, IBM Security Host Protection for Servers (Unix): 2.2.2
Sun Solaris: 10, HP Systems Insight Manager: 4.2 SP1, HP Systems Insight Manager: 4.2 SP2, HP Systems Insight Manager: 5.0 SP1, HP Systems Insight Manager: 5.0 SP2, HP Systems Insight Manager: 5.0 SP3, RedHat RHEL Extras: 4, HP Systems Insight Manager: 5.0 SP5, RedHat RHEL Desktop Supplementary: 5 Client, RedHat RHEL Supplementary: 5 Server, HP Systems Insight Manager: 4.0, HP Systems Insight Manager: 5.0, Adobe Flash Player: 10.0.12.10, Adobe Flash Player: 10.0.0.584, Adobe Flash Player: 10.0.12.36, Adobe Flash Player: 10.0.22.87, Adobe Flash Player: 10.0.32.18, HP Systems Insight Manager: 5.3, HP Systems Insight Manager: 5.3 Update 1, HP Systems Insight Manager: 6.0, HP Systems Insight Manager: 6.1, Adobe Flash Player: 10.1.85.3, Adobe Flash Player: 10.1.95.2, Adobe Flash Player: 10.1.102.64, Adobe Flash Player: 10.2.154.13, Adobe Flash Player: 10.2.152.33, Adobe Flash Player: 10.2.152.21, Adobe Flash Player: 10.2.153.1, Adobe Flash Player: 10.2.154.25, Adobe Flash Player: 10.2.156.12, Adobe Flash Player: 10.2.157.51, Adobe Flash Player: 10.2.159.1, Adobe Flash Player: 10.2.154.28, Google Chrome: 13, Adobe Flash Player: 10.3.181.34, Adobe Flash Player: 10.3.181.25, BlackBerry BlackBerry PlayBook Tablet: 1.0.7.2942, Oracle Solaris: 11 Express, RedHat Enterprise Linux Server Supplementary : 6, RedHat Enterprise Linux Workstation Supplementary : 6, RedHat Enterprise Linux Desktop Supplementary : 6, HP Systems Insight Manager: 5.0 SP6, HP Systems Insight Manager: 6.2, HP Systems Insight Manager: 6.3
Unauthorized Access Attempt
Adobe Flash Player could allow a remote attacker to execute arbitrary code on the system, caused by an error in the sequenceParameterSetNALUnit component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system.
Refer to APSB11-21 for patch, upgrade or suggested workaround information. See References.
For other distributions:
Apply the appropriate update for your system. See References.
APSB11-21
Security updates available for Adobe Flash Player
http://www.adobe.com/support/security/bulletins/apsb11-21.html
ZDI-11-276
Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-276/
Blackberry Security Advisory KB28400
Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet
http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB28400
Sun Product Security Blog, Nov 01, 2011
Multiple vulnerabilities in Adobe Flashplayer
http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer1
Sun Product Security Blog, Nov 01, 2011
Multiple vulnerabilities in Adobe Flashplayer
http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2
Offensive Security Exploit Database [01-31-2012]
Adobe Flash Player MP4 SequenceParameterSetNALUnit Remote Code Execution Exploit
http://www.exploit-db.com/exploits/18437/
Offensive Security Exploit Database [02-10-2012]
Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
http://www.exploit-db.com/exploits/18479/
HPSBMU02769 SSRT100846
HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, and Other Vulnerabilities
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151
ZDI-11-276
Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-276
ZDI-11-276
Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-276
ZDI-11-276
Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-276
ISS X-Force
Adobe Flash Player sequence code execution
http://www.iss.net/security_center/static/69102.php
CVE
CVE-2011-2140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2140