FILE-MULTIMEDIA -- Snort detected traffic targeting vulnerabilities in multimedia files (mp3, movies, wmv, etc.).
FILE-MULTIMEDIA Adobe Flash Player malformed MP4-AVC out-of-bounds read attempt
This event is generated when an attempt to exploit a vulnerability in Adobe Flash Player, using a malicious MP4 file, is detected.
This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of MP4-Advanced Video Coding (AVC) processing. A malformed AVC stream within MP4 input leads to flawed computation that involves pointer offset arithmetic which does not adequately account for the buffer boundaries
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2018-12827Adobe Flash Player 22.214.171.124 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
||Ease of Access||