Friday, March 18, 2011

FlashUtil10m_Plugin.exe command line crash

Is interesting observing how nowadays some old style bug are still available. I think that this one is not a security bug but a deeper investigation is left to all whose are interested.Anyway is sufficient pass a single char as command line parameter to this FlashUtil10m_Plugin.exe (also called Flash Player Installer/Uninstaller) for generate a crash. If you are Admin appear something like the following screenshot:



Opening it with a disassembler (in this case IDA) is possible know that is a problem within the parser that handle the command line parameters:

In screen shot above is reported  the function address where the bug is triggered. While in the following screen shot is shown the line of code where is tried an write in an address of kernel32.dll a not readable address:


This bug impact Adobe Flash Player Installer/Uninstaller 10.2 r152 distributed with the latest version of Adobe Flash Player..

No comments:

Post a Comment