
Adobe AIR < 22.0.0.153 RCE (APSB16-23)

High

Synopsis

The remote host is running an outdated version of Adobe AIR that is affected by a remote code execution (RCE) vulnerability.

Description

Versions of Adobe AIR prior to 22.0.0.153 are affected by a flaw that is triggered when loading certain dynamic-link libraries. The program uses an insecure search path to look for specific files or libraries. That path includes the current working directory, which may not be trusted or under user control. By placing a specially crafted library in the path and tricking a user into opening a file located, for example, on a remote WebDAV share, a context-dependent attacker can inject and execute arbitrary code with the privileges of the user running the program.
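
A defender-side check for the load pattern described above, as an added example that is not part of the original advisory: it flags libraries that a process loaded from a remote share or from outside trusted directories. The record layout, trusted roots, application path and library names are constructed assumptions, not values from Adobe or from this plugin.

```python
import ntpath
from pathlib import PureWindowsPath

# Assumption: directories this host treats as trusted library locations.
TRUSTED_ROOTS = [PureWindowsPath(r"C:\Windows"), PureWindowsPath(r"C:\Program Files")]

# Constructed records: (process image, loaded library). Not real telemetry.
APP = r"C:\Program Files\ExampleAirApp\app.exe"
SAMPLE_LOADS = [
    (APP, r"C:\Windows\System32\kernel32.dll"),
    (APP, r"c:\program files\ExampleAirApp\helper.dll"),
    (APP, r"\\files.example\DavWWWRoot\docs\placeholder.dll"),
    (APP, r"C:\Users\alice\Downloads\placeholder.dll"),
    (APP, r"C:\Windows\..\Users\alice\placeholder.dll"),
]

def classify(image, loaded):
    """Return 'ok', 'remote-share' or 'untrusted-local' for one library load."""
    # Collapse '..' first so a path cannot pass as trusted by prefix alone.
    lib = PureWindowsPath(ntpath.normpath(loaded))
    if lib.drive.startswith("\\\\"):          # UNC path, e.g. a WebDAV share
        return "remote-share"
    app_dir = PureWindowsPath(ntpath.normpath(image)).parent
    # PureWindowsPath compares case-insensitively, matching Windows semantics.
    if any(root in lib.parents for root in [app_dir, *TRUSTED_ROOTS]):
        return "ok"
    return "untrusted-local"

def flag_loads(records):
    """Return (library, reason) for every load that is not from a trusted place."""
    flagged = []
    for image, loaded in records:
        reason = classify(image, loaded)
        if reason != "ok":
            flagged.append((loaded, reason))
    return flagged

if __name__ == "__main__":
    for library, reason in flag_loads(SAMPLE_LOADS):
        print(f"{reason:16} {library}")
```

Feed it image-load records exported from endpoint telemetry and tune `TRUSTED_ROOTS` to the host's actual install locations.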

Solution

Upgrade to Adobe AIR 22.0.0.153 or later.