PT-2008-5778 · Adobe · Flash Player+1
Matthew Dempsky
·
Published
2008-10-14
·
Updated
2018-10-11
·
CVE-2008-4546
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 9.0.277.0
Adobe Flash Player versions 10.x prior to 10.1.53.64
Adobe AIR versions prior to 2.0.2.12610
Description
The issue allows remote web servers to cause a denial of service, resulting in a NULL pointer dereference and browser crash. This occurs when an HTTP request is sent a second time and the server returns a different response, such as providing SWF files with different SWF version numbers.
Recommendations
For Adobe Flash Player versions prior to 9.0.277.0, update to version 9.0.277.0 or later.
For Adobe Flash Player versions 10.x prior to 10.1.53.64, update to version 10.1.53.64 or later.
For Adobe AIR versions prior to 2.0.2.12610, update to version 2.0.2.12610 or later.
Exploit
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Air
Flash Player