Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4546

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4546
Last Modified 02 Nov 2013 10:41:17
Published 14 Oct 2008 11:28:16
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4546

Summary

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.

Vulnerable Systems

Application

  • Adobe Flash Player 10.0.12.10

  • Adobe Flash Player 9.0.112.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flash Player 9.0.45.0


References

CERT - TA10-162A

XF - adobe-flash-version-dos(45630)

VUPEN - ADV-2011-0192

VUPEN - ADV-2010-1793

VUPEN - ADV-2010-1522

VUPEN - ADV-2010-1482

VUPEN - ADV-2010-1453

VUPEN - ADV-2010-1434

VUPEN - ADV-2010-1432

VUPEN - ADV-2010-1421

TURBO - TLSA-2010-19

BID - 31537

BUGTRAQ - 20081002 Adobe Flash Player plug-in null pointer dereference and browser crash

REDHAT - RHSA-2010:0470

REDHAT - RHSA-2010:0464

MISC - http://www.mochimedia.com/~matthew/flashcrash/

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb10-14.html

CONFIRM - http://support.apple.com/kb/HT4435

SECTRACK - 1024086

SECTRACK - 1024085

SREASON - 4401

GENTOO - GLSA-201101-09

SECUNIA - 43026

SECUNIA - 40545

SECUNIA - 32759

SUSE - SUSE-SR:2010:013

SUSE - SUSE-SA:2010:024

SUSE - SUSE-SR:2008:025

APPLE - APPLE-SA-2010-11-10-1

HP - HPSBMA02547

HP - SSRT100179

Related Patches

Apple 2010-11-10 Mac OS X 10.6.5 Combo Update (See Notes)

Apple 2010-11-10 Security Update 2010-007 (Leopard) (See Notes)

Apple 2010-11-10 Security Update 2010-007 Server (Leopard) (See Notes)

Apple 2010-11-10 Mac OS X 10.6.5 Update (See Notes)

Adobe APSB10-14 Flash Player 10.1.53.64 (Other Browsers) for Windows (Update) (All Languages) (Rev 2)

Adobe APSB10-14 Flash Player 9.0.277.0 (Other Browsers) for Windows (Update) (All Languages)

Adobe APSB10-14 Flash Player 9.0.277.0 (Internet Explorer) for Windows (Update) (All Languages)

Adobe APSB10-14 Flash Player 10.1.53.64 (Internet Explorer) for Windows (Update) (All Languages) (Rev 2)

Adobe APSB10-14 Flash Player 10.1.53.64 for Mac OS X (Update)


Last Updated: 27 May 2016 10:49:56