Intrusion Prevention

Adobe.Flash.Player.Authplay.Dll.SWF.File.Handle.Code.Execution

Description

This indicates an attack attempt against a Memory Corruption vulnerability in Adobe Flash Player, and both Adobe Reader and Acrobat.
The vulnerability is caused by an error in "authplay.dll" while handling malicious SWF content. It allows a remote attacker to execute arbitrary code via sending a crafted PDF document or FLASH file.

Affected Products

Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2010-1285 CVE-2010-1297