Source: Netinfo Security (《信息网络安全》), 2014, No. 10, pp. 31-37 (7 pages)
Funding: National Natural Science Foundation of China [61170282]
Abstract: As Flash files are used ever more widely on the web, the security of Adobe Flash Player has drawn increasing attention, and each of its vulnerabilities can potentially lead to serious security problems. The article first introduces the operating mechanism of Adobe Flash Player from two angles, Flash client technology and Flash 3D visualization analysis, and examines the characteristics of the ActionScript language, the Flash rendering model, the event mechanism, Flash 3D graphics display, Stage3D hardware acceleration and Stage3D 3D modeling. It then describes the SWF file format, covering the file header and the tag structure. Next, drawing on statistics from the CVE website, it classifies Adobe Flash Player vulnerabilities into four major categories: Flash file format vulnerabilities, Flash denial-of-service vulnerabilities, Flash cross-site scripting vulnerabilities and Flash spoofing attack vulnerabilities. It then describes vulnerability analysis techniques in detail and builds a vulnerability analysis model for Adobe Flash Player. Finally, taking 10 typical Adobe Flash Player vulnerabilities as examples, it derives the mechanisms that produce them through information collection, data flow tracking and analysis of the vulnerability principles.
Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]