CVE-2008-5499
published 2008-12-18CVE-2008-5499: Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a…
PriorityP272critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
79.43%
99.6th percentile
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player_for_linux | <= 9.0.151.0 | — |
| adobe | flash_player_for_linux | — | — |
| adobe | flash_player_for_linux | — | — |
| adobe | flash_player_for_linux | — | — |
| adobe | flash_player_for_linux | — | — |
| adobe | flash_player_for_linux | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploit delivery involves serving a crafted .swf file over HTTP with Content-Type 'application/x-shockwave-flash'; monitor for browser requests fetching .swf resources followed by .txt payload retrieval from the same host. ↗
- →A secondary HTTP request for a .txt URI is used to deliver the shell payload; detect sequential browser requests to the same origin for a .swf then a .txt resource as an indicator of this exploit chain. ↗
- →The vulnerability is triggered via shell metacharacters in arguments to the ActionScript 'launch' method inside a SWF file; inspect SWF content for ActionScript launch calls containing shell metacharacters. ↗
- →Adobe AIR must be installed on the victim system for exploitation to succeed; presence of AIR combined with Flash Player versions 10.0.12.36 or 9.0.151.0 and prior on Linux indicates a vulnerable target. ↗
- ·Exploit only affects Adobe Flash Player on Linux; Windows and macOS Flash Player versions are not impacted by this specific vulnerability. ↗
- ·The Metasploit module uses HTTP gzip compression and chunked transfer encoding by default, which may affect network-level detection signatures. ↗
- ·The exploit payload architecture is unix command execution (ARCH_CMD); payloads are delivered as plaintext via a secondary .txt HTTP response. ↗
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
flash-plugin: Linux-specific code execution flaw via crafted SWF file
vendor_redhat·2008-12-17·CVSS 9.3
CVE-2008-5499 [CRITICAL] flash-plugin: Linux-specific code execution flaw via crafted SWF file
flash-plugin: Linux-specific code execution flaw via crafted SWF file
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
GHSA
GHSA-jmfj-rgc6-43mh: Unspecified vulnerability in Adobe Flash Player for Linux 10
ghsa_unreviewed·2022-05-17
CVE-2008-5499 [HIGH] CWE-94 GHSA-jmfj-rgc6-43mh: Unspecified vulnerability in Adobe Flash Player for Linux 10
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
No detection rules found.
Exploit-DB
Adobe Flash Player - ActionScript Launch Command Execution (Metasploit)
exploitdb·2012-04-20·CVSS 9.3
CVE-2008-5499 [CRITICAL] Adobe Flash Player - ActionScript Launch Command Execution (Metasploit)
Adobe Flash Player - ActionScript Launch Command Execution (Metasploit)
---
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
# http://metasploit.com/
##
require 'msf/core'
class Metasploit3 'Adobe Flash Player ActionScript Launch Command Execution Vulnerability',
'Description' => %q{
This module exploits a vulnerability in Adobe Flash Player for Linux,
version 10.0.12.36 and 9.0.151.0 and prior.
An input validation vulnerability allows command execution when the browser
loads a SWF file which contains shell metacharacters in the arguments to
the ActionScript launch method.
The victim must have Adobe AIR installed for the exploit
Metasploit
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
metasploit
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
This module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This module was tested against version 10.0.12.36 (10r12_36).
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00006.htmlhttp://osvdb.org/50796http://secunia.com/advisories/33221http://secunia.com/advisories/33267http://secunia.com/advisories/33294http://secunia.com/advisories/34226http://security.gentoo.org/glsa/glsa-200903-23.xmlhttp://www.adobe.com/support/security/bulletins/apsb08-24.htmlhttp://www.redhat.com/support/errata/RHSA-2008-1047.htmlhttp://www.securityfocus.com/bid/32896http://www.securitytracker.com/id?1021458http://www.vupen.com/english/advisories/2008/3449https://exchange.xforce.ibmcloud.com/vulnerabilities/47445http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00006.htmlhttp://osvdb.org/50796http://secunia.com/advisories/33221http://secunia.com/advisories/33267http://secunia.com/advisories/33294http://secunia.com/advisories/34226http://security.gentoo.org/glsa/glsa-200903-23.xmlhttp://www.adobe.com/support/security/bulletins/apsb08-24.htmlhttp://www.redhat.com/support/errata/RHSA-2008-1047.htmlhttp://www.securityfocus.com/bid/32896http://www.securitytracker.com/id?1021458http://www.vupen.com/english/advisories/2008/3449https://exchange.xforce.ibmcloud.com/vulnerabilities/47445
2008-12-18
Published