Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 5 MINUTES AGO.
You are here: Home / Network Security / Adobe Identifies Two New Zero-Days
Hacking Team Breach Reveals Two New Critical Flash Zero-Day Exploits
Hacking Team Breach Reveals Two New Critical Flash Zero-Day Exploits
By Jef Cozza / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
13
2015
Two more Flash Zero-Day exploits were reported over the weekend, thanks to the deluge of documents leaked from the Hacking Team, the Italian company famous for supplying hacker tools to the world.

Adobe is planning to release a patch for each of the bugs, dubbed CVE-2015-5122 and CVE-2015-5123, on its Web site later this week. The company said both updates are critical.

Cybersecurity companies FireEye and Trend Micro were responsible for discovering the two exploits, which were detailed in the 400 GB of corporate data that was released in the leak of Hacking Team’s documents earlier this month. The two vulnerabilities exist in the Windows, Microsoft, and Linux versions of Flash Player 18.0.0.204 and earlier.

The Hits Keep Coming

Reports of new security flaws in the Flash Player software are hardly new. In fact, the two reports come after Adobe issued yet another security patch for Flash Player last week to address another flaw that had been exploited by the Hacking Team and had been quickly adopted by hackers worldwide.

FireEye said that the latest exploit, CVE-2015-5122, was even authored by the same person as last week’s reported bug, CVE-2015-5119, both of which it said were well written. Both threats take advantage of the same basic strategy, exploiting the use-after-free vulnerability in DisplayObject.

The vulnerability is triggered by freeing a TextLine object within the valueOf function of a custom class when setting the TextLine’s opaqueBackground. Once the TextLine object is freed, a Vector object is allocated in its place. Returning from valueOf will overwrite the length field of Vector object with a value of 106. Once the exploit has been triggered, the malicious code could either cause a system crash or allow an attacker to take control of the affected system.

Poses a Risk to Users

The second vulnerability, CVE-2015-5123, discovered by Trend Micro, affects all versions of Adobe Flash Player in Windows, Mac, and Linux. Like CVE-2015-5122, this exploit could also allow an attacker to take control of a user’s system.

The CVE-2015-5123 vulnerability exploits the valueOf trick bug. However, compared to the first two reported Flash zero-day exploits, it involves the BitmapData object and not the TextLine and ByteArray. Triggering the vulnerability involves creating a new BitmapData object, preparing two Array objects, two MyClass objects and assigning the MyClass objects to each Array.

Once it has overridden the valueOf function of MyClass, it calls the BitmapData.paletteMap with the two Array objects as parameters. The BitmapData.paletteMap will trigger the valueOf function. In the valueOf function, it will call BitmapData.dispose() to dispose the underlying memory of BitmapData object, thus causing Flash Player to crash.

“We are currently monitoring this proof-of-concept for any active attacks that may employ this zero-day exploit,” Trend Micro said in a blog post announcing the discovery of the vulnerability. “Considering that the Hacking Team leak is publicly available already, it poses risks to users.” The company said that the best thing to do until Adobe releases a patch is to completely disable Flash Player.

Tell Us What You Think
Comment:

Name:

SteveJobsWasRight:
Posted: 2015-07-13 @ 3:51pm PT
Another week, another Adobe Flash bug. This is no longer funny. I am uninstalling Flash.

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.