Vulnerability Name:

CVE-2005-2628 (CCN-22959)

Assigned:2005-11-04
Published:2005-11-04
Updated:2018-10-19
Summary:Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Fri Nov 04 2005 - 19:30:15 CST
[Full-disclosure] [EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability

Source: MITRE
Type: CNA
CVE-2005-2628

Source: CCN
Type: Apple Security Update 2006-003
About Security Update 2006-003

Source: APPLE
Type: UNKNOWN
APPLE-SA-2006-05-11

Source: CCN
Type: RHSA-2005-835
flash-plugin security update

Source: CCN
Type: SA17430
Macromedia Flash Player SWF File Handling Arbitrary Code Execution

Source: SECUNIA
Type: UNKNOWN
17430

Source: CCN
Type: SA17437
Opera Macromedia Flash Player SWF Arbitrary Code Execution

Source: SECUNIA
Type: UNKNOWN
17437

Source: CCN
Type: SA17481
Internet Explorer Macromedia Flash Player SWF Arbitrary Code Execution

Source: SECUNIA
Type: UNKNOWN
17481

Source: SECUNIA
Type: UNKNOWN
17626

Source: SECUNIA
Type: UNKNOWN
17738

Source: CCN
Type: SA20045
Microsoft Windows Flash Player Code Execution Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
20045

Source: CCN
Type: SA20077
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
20077

Source: CCN
Type: SECTRACK ID: 1015156
Macromedia Flash Index Boundary Error Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1015156

Source: CCN
Type: ASA-2006-099
Windows Security Updates for May 2006 - (MS06-018 - MS06-020)

Source: CCN
Type: GLSA-200511-21
Macromedia Flash Player: Remote arbitrary code execution

Source: GENTOO
Type: UNKNOWN
GLSA-200511-21

Source: CCN
Type: US-CERT VU#146284
Macromedia Flash Player fails to properly validate the frame type identifier read from a SWF file

Source: CERT-VN
Type: US Government Resource
VU#146284

Source: CCN
Type: Macromedia Security Bulletin MPSB05-07
Flash Player 7 Improper Memory Access Vulnerability

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html

Source: CCN
Type: Macromedia Flash Player Download Center Web page
Macromedia Flash Player Download Center

Source: CCN
Type: Microsoft Security Advisory (910550)
Macromedia Security Bulletin: MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability

Source: CCN
Type: Microsoft Security Bulletin MS06-020
Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433)

Source: CCN
Type: Microsoft Security Bulletin MS06-069
Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:027

Source: OSVDB
Type: UNKNOWN
18825

Source: CCN
Type: OSVDB ID: 18825
Macromedia Flash Player Flash.ocx Unspecified Function Arbitrary Code Execution

Source: REDHAT
Type: UNKNOWN
RHSA-2005:835

Source: BUGTRAQ
Type: UNKNOWN
20051105 [EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability

Source: BID
Type: Patch
15332

Source: CCN
Type: BID-15332
Macromedia Flash Array Index Memory Access Vulnerability

Source: BID
Type: UNKNOWN
17951

Source: CCN
Type: BID-17951
Apple Mac OS X Security Update 2006-003 Multiple Vulnerabilities

Source: CERT
Type: US Government Resource
TA06-129A

Source: CERT
Type: US Government Resource
TA06-132A

Source: VUPEN
Type: UNKNOWN
ADV-2005-2317

Source: VUPEN
Type: UNKNOWN
ADV-2006-1744

Source: VUPEN
Type: UNKNOWN
ADV-2006-1779

Source: MS
Type: UNKNOWN
MS06-020

Source: XF
Type: UNKNOWN
flashplayer-swf-execute-code(22959)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1557

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1987

Source: SUSE
Type: SUSE-SR:2005:027
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*
  • OR cpe:/a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:-::~~~~itanium~:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:1987 | V | Remote Code Execution Vulnerability in Flash Player 6 and 7 (XP,SP1) | 2015-08-03
oval:org.mitre.oval:def:1557 | V | Remote Code Execution Vulnerability in Flash Player 6&7 (XP,SP2) | 2011-05-16

    macromedia flash player 6.0
    macromedia flash player 6.0.29.0
    macromedia flash player 6.0.40.0
    macromedia flash player 6.0.47.0
    macromedia flash player 6.0.65.0
    macromedia flash player 6.0.79.0
    macromedia flash player 7.0.19.0
    macromedia flash player 7.0_r19
    macromedia flash player 6.0
    gentoo linux *
    microsoft windows xp - sp1
    microsoft windows 2000 - sp4
    microsoft windows 2003_server
    microsoft windows xp sp2
    microsoft windows 2003 server -
    apple mac os x 10.3.9
    apple mac os x server 10.3.9
    microsoft windows 2003_server sp1
    microsoft windows 2003_server sp1_itanium
    apple mac os x 10.4.6
    redhat rhel extras 3
    redhat rhel extras 4
    apple mac os x server 10.4.6