CVE-2006-3311

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 8.0.24.0 and earlier Adobe Flash Professional version 8 Adobe Flash MX 2004 Adobe Flex version 1.5

Description A buffer overflow issue allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

Recommendations For Adobe Flash Player versions 8.0.24.0 and earlier, update to a version later than 8.0.24.0 to resolve the issue. For Adobe Flash Professional version 8, consider disabling the creation of dynamically created strings in SWF movies until a patch is available. For Adobe Flash MX 2004, restrict the use of long strings in SWF movies to minimize the risk of exploitation. For Adobe Flex version 1.5, avoid using dynamically created strings in SWF movies until the issue is resolved.