| Revision Date: | 2015-08-03 | Version: | 47 |
| Title: | Adobe Flash Player and AIR 'exception_count' Integer Overflow Vulnerability |
| Description: | Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers." |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2009-3799
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Adobe AIR
Adobe Flash Player
|
| Definition Synopsis |
| Vulnerable version of Adobe AIR Adobe AIR is installed
AND Adobe AIR version is less than 1.5.3
OR Vulnerable version of Adobe Flash Player
Adobe Flash Player is installed
AND Adobe Flash Player version installed on the system is less than or equal 10.0.42.34
OR Flash.ocx section
ActiveX Control is installed
AND Determine if the version of Flash.ocx is less than or equal 10.0.42.34
|