OSVDB ID: 23908

Title: Macromedia Flash Player swf Processing Multiple Unspecified Code Execution

Info

Disclosure
Mar 14, 2006

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Nov 15, 2006

Description

 Flash Player contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the victim loads a malicious SWF file. It is possible that the flaw may allow an attacker to take control of the affected system resulting in a loss of confidentiality, integrity, and/or availability.

Classification

 Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Integrity
Solution: Upgrade
Disclosure: OSVDB Verified, Vendor Verified

Solution

 Upgrade to version 8.0.24.0 or 7.0.63.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Macromedia, Inc.

Flash Player

 8.0.22.0
7.0.61 .0
7.0.60 .0
7.0.19 .0
7.0 r19
6.0.79 .0
6.0.65 .0
6.0.47 .0
6.0.40 .0
6.0.29 .0
6.0

References

Credit

Unknown or Incomplete


Direct URL: http://osvdb.org/23908