CVE-2007-3456

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 9.0.45.0 and earlier

Description The issue is related to an integer overflow that could allow remote attackers to execute arbitrary code. This is achieved by providing a large length value for a Long string or XML variable type in a crafted FLV or SWF file. The problem is attributed to an input validation error, including a signed comparison of values that are assumed to be non-negative.

Recommendations For Adobe Flash Player versions 9.0.45.0 and earlier, consider updating to a version that contains a fix for this issue to prevent potential code execution by remote attackers.