| Revision Date: | 2015-08-03 | Version: | 39 |
| Title: | Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow. |
| Description: | Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2007-0071
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Adobe AIR
Adobe Flash Player
|
| Definition Synopsis |
| Flash.ocx section ActiveX Control is installed
AND Flash.ocx vulnerable version
Determine if the version of Flash.ocx is less than or equal 9.0.124.0
OR Vulnerable version of Adobe Flash Player
Adobe Flash Player 9 is installed
AND Adobe Flash Player version is less than or equal 9.0.124.0
OR Adobe Vulnerable version of Adobe AIR
Adobe AIR is installed
AND Check if the version of Adobe Air is less than 1.0.1
|