Fortinet security researcher uncovers vulnerabilities in Adobe Flash Player
Fortinet released two fixes to protect its customers
In November 2016, Kai Lu, Fortinet's security researcher, discovered two critical zero-day vulnerabilities in Adobe Flash Player.
Adobe identified them as CVE-2017-2926 and CVE-2017-2927 and released a patch to fix them on 10 January 2017.
CVE-2017-2926 was a memory corruption vulnerability in the Flash Player engine's processing of MP4 files, where a crafted sample size in the MP4 atom specification caused an out-of-bounds memory access. Fortinet released IPS signature Adobe.Flash.MP4.stsz.atom.Memory.Corruption to proactively fix the flaw.
CVE-2017-2927 was a heap overflow vulnerability that is exposed when Flash Player processes Adobe Texture Format (ATF) files. Specifically, a malformed ATF file causes an out-of-bounds memory access due to improper bounds checking when manipulating a pointer to a heap-allocated buffer.
Fortinet released IPS signature Adobe.Flash.Adobe.Texture.Format.Heap.Overflow to proactively protect its customers.
These two vulnerabilities meant that hackers could exploit the flaws by using the out-of-bounds access for unintended reads, writes or frees, leading to code corruption, control-flow hijack or an information leak attack.
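The bounds validation that an MP4 `stsz` (sample size) atom parser needs before it trusts any size field, as an added example that is not from the article, Adobe or Fortinet and does not reproduce Flash Player's code. The `media_len` parameter and the sample byte arrays are constructed assumptions; the field layout follows the ISO base media file format.

```c
#include <stddef.h>
#include <stdint.h>

/* Read a big-endian 32-bit value; caller guarantees 4 readable bytes. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Validate an stsz payload (the bytes after the 8-byte box header).
 * media_len: size of the sample data the table indexes (hypothetical
 * parameter, e.g. the caller's mdat length).
 * Returns 0 if all sizes are consistent, -1 if the box must be rejected. */
int stsz_validate(const uint8_t *payload, size_t payload_len, uint64_t media_len) {
    /* version/flags (4) + sample_size (4) + sample_count (4) */
    if (payload == NULL || payload_len < 12) return -1;
    uint32_t sample_size  = be32(payload + 4);
    uint32_t sample_count = be32(payload + 8);

    if (sample_size != 0)  /* fixed-size samples: total must fit the media */
        return ((uint64_t)sample_size * sample_count <= media_len) ? 0 : -1;

    /* Per-sample table: all entries must lie inside the box.
     * Compare in 64 bits so sample_count * 4 cannot wrap. */
    if ((uint64_t)sample_count * 4 > (uint64_t)(payload_len - 12)) return -1;

    uint64_t total = 0;  /* running sum stays below 2^64 */
    for (uint32_t i = 0; i < sample_count; i++) {
        total += be32(payload + 12 + (size_t)i * 4);
        if (total > media_len) return -1;  /* sample would read past the media */
    }
    return 0;
}

/* Constructed sample payloads (not taken from any real file). */
static const uint8_t SAMPLE_OK[] = {        /* 2 entries: 16 and 32 bytes */
    0,0,0,0, 0,0,0,0, 0,0,0,2, 0,0,0,0x10, 0,0,0,0x20 };
static const uint8_t SAMPLE_BAD_COUNT[] = { /* claims 0x40000000 entries */
    0,0,0,0, 0,0,0,0, 0x40,0,0,0, 0,0,0,0x10, 0,0,0,0x20 };
static const uint8_t SAMPLE_BAD_SIZE[] = {  /* one entry of 0xFFFFFFF0 bytes */
    0,0,0,0, 0,0,0,0, 0,0,0,1, 0xFF,0xFF,0xFF,0xF0 };

int main(void) {
    int ok = stsz_validate(SAMPLE_OK, sizeof SAMPLE_OK, 48) == 0
          && stsz_validate(SAMPLE_BAD_COUNT, sizeof SAMPLE_BAD_COUNT, 4096) == -1
          && stsz_validate(SAMPLE_BAD_SIZE, sizeof SAMPLE_BAD_SIZE, 4096) == -1;
    return ok ? 0 : 1;
}
```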