Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4473

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-4473
Last Modified 07 Mar 2011 10:12:30
Published 17 Oct 2008 03:31:15
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4473

Summary

Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.

Vulnerable Systems

Application

  • Adobe Flash Player Cs3

  • Adobe Flash Player Mx 2004


References

XF - adobe-flash-cs3-bo(45914)

VUPEN - ADV-2008-2837

BID - 31769

BUGTRAQ - 20081015 Multiple Flash Authoring Heap Overflows - Malformed SWF Files

CONFIRM - http://www.adobe.com/support/security/advisories/apsa08-09.html

SECTRACK - 1021060

SREASON - 4429

MISC - http://security-assessment.com/files/advisories/2008-10-16_Multiple_Flash_Authoring_Heap_Overflows.pdf

SECUNIA - 32246


Last Updated: 27 May 2016 10:48:30