Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3311

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-3311
Last Modified 07 Mar 2011 09:38:19
Published 12 Sep 2006 07:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3311

Summary

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

Vulnerable Systems

Application

  • Adobe Flash Player 8

  • Adobe Flash Player 8.0.24.0

  • Adobe Flash Player Mx 2004

  • Adobe Flex Sdk 1.5


References

CERT - TA06-318A

CERT - TA06-275A

CERT-VN - VU#451380

BUGTRAQ - 20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability

MISC - http://www.computerterrorism.com/research/ct12-09-2006.htm

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb06-11.html

SECUNIA - 21865

VUPEN - ADV-2006-4507

VUPEN - ADV-2006-3852

VUPEN - ADV-2006-3577

VUPEN - ADV-2006-3573

XF - flashplayer-swf-string-bo(28886)

BID - 19980

REDHAT - RHSA-2006:0674

SUSE - SUSE-SA:2006:053

MS - MS06-069

SECTRACK - 1016829

SREASON - 1546

GENTOO - GLSA-200610-02

SECUNIA - 22882

SECUNIA - 22268

SECUNIA - 22187

SECUNIA - 22054

SECUNIA - 21901

APPLE - APPLE-SA-2006-09-29

Related Patches

Apple 2006-09-29 Mac OS X Update 10.4.8 Combo (PPC) (Rev 3)

Apple 2006-09-29 Mac OS X 10.4.8 Update (PPC) (Rev 3)

Apple 2006-09-29 Mac OS X Server 10.4.8 Update (PPC) (Rev 3)

Apple 2006-09-29 Mac OS X Server 10.4.8 Combo Update (PPC) (Rev 3)

Apple 2006-09-29 Mac OS X Update 10.4.8 Combo (Intel) (Rev 3)

Apple 2006-09-29 Mac OS X 10.4.8 Update (Intel) (Rev 3)


Last Updated: 27 May 2016 10:42:57