Zero-day Attack in the Wild for Adobe Flash, Reader, and Acrobat
06-06-2010 05:03 AM
We have confirmed the attacks that exploit the vulnerability (CVE-2010-1297) that Adobe announced on its
are in the wild.
The exploit takes advantage of an unpatched vulnerability in Flash Player, Adobe Reader, and Acrobat, and affects users regardless of whether they use Windows, Macintosh, Solaris, Linux, or UNIX. Adobe has categorized this as 'critical', which is the highest level in its severity rating.
Attacks can take place in various situations; a few are listed below:
Receiving an email with a malicious PDF attachment.
Receiving an email with a link to the malicious PDF file or a website with the malicious SWF embedded in malicious HTML code.
Stumbling across a malicious PDF or SWF file when surfing the web.
We have confirmed that the attack involves
, which is a PDF file that drops a back door Trojan onto the compromised computer if an affected product is already installed. We have also come across an attack using a malicious SWF file (detected as
) in conjunction with an HTML file (detected as
) to download additional malware (detected as
) from the web. (We may update these three detection names once our analysis is complete).
The attacks seem limited at this point. However, other cyber criminals may jump on the bandwagon to take advantage of the vulnerability in the very near future. It's advisable that you visit Adobe's security advisory and spend some time investigating what workarounds would be applicable for your environment until a patch is released.
In the meantime, we are doing further analysis in order to develop heuristic detection(s) for both antivirus and IPS.
Please stay tuned for updates.
Copyright © 2005-2021 Broadcom. All Rights Reserved. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.