CVE-2007-0071
CVE-2007-0071
Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.htmlhttp://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdfhttp://isc.sans.org/diary.html?storyid=4465http://lists.apple.com/archives/security-announce/2008//May/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.htmlhttp://secunia.com/advisories/29763http://secunia.com/advisories/29865http://secunia.com/advisories/30404http://secunia.com/advisories/30430http://secunia.com/advisories/30507https://exchange.xforce.ibmcloud.com/vulnerabilities/37277https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379