CVE-2002-1881

Name of the Vulnerable Software and Affected Versions Macromedia Flash Player versions 4.0 r12 through 6.0.47.0

Description The issue allows remote attackers to cause a denial of service, resulting in a web browser crash, via malformed content in a Flash Shockwave (.SWF) file. This can be achieved by modifying the file, such as ROT13 encoding the body of the file but not the headers.

Recommendations For Macromedia Flash Player versions 4.0 r12 through 6.0.47.0, consider avoiding the use of malformed Flash Shockwave (.SWF) files to minimize the risk of exploitation. As a temporary workaround, restrict access to potentially malicious .SWF files until a fix is available.