In association with heise online

13 February 2008, 14:02

Code injection vulnerability in Adobe's Flash Media Server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Adobe's Flash Media Server contains a number of critical vulnerabilities that attackers could exploit to inject and execute malicious code remotely. The vendor has released version 2.0.5 for downloading in order to remedy the vulnerabilities.

Security service provider iDefense has discovered two vulnerabilities on the server that by default listens for connections on TCP ports 1935 and 19350. The Edge Server component, which uses Adobe's proprietary Real Time Message Protocol (RTMP), is the faulty component. In the handling of RTMP packets, the server's routines accept passed values without inspection, a behaviour that reult in an integer overflow. This can cause the server to allocate a buffer that is too small for copy operations, possibly permitting the execution of injected code. In addition, a certain sequence of RTMP requests can cause the software to attempt to use memory that has already been allocated. This can also result in the execution of arbitrary code.

iDefense says that both vulnerabilities allow attackers to execute malicious code with SYSTEM rights. Adobe recommends that administrators of Flash Media Servers install the updates as soon as possible. Restricting network port access to trusted computers may also be a good idea.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit