[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3311Date: (C)2006-09-12   (M)2023-12-22


Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1016829
SREASON-1546
BID-19980
http://www.securityfocus.com/archive/1/archive/1/445825/100/0/threaded
SECUNIA-21865
SECUNIA-21901
SECUNIA-22054
SECUNIA-22187
SECUNIA-22268
SECUNIA-22882
ADV-2006-3573
ADV-2006-3577
ADV-2006-3852
ADV-2006-4507
APPLE-SA-2006-09-29
GLSA-200610-02
MS06-069
RHSA-2006:0674
SUSE-SA:2006:053
TA06-275A
TA06-318A
VU#451380
flashplayer-swf-string-bo(28886)
http://www.adobe.com/support/security/bulletins/apsb06-11.html
http://www.computerterrorism.com/research/ct12-09-2006.htm

CPE    2
cpe:/a:adobe:flash_player:8.0.24.0
cpe:/a:adobe:flex_sdk:1.5
OVAL    1
oval:org.mitre.oval:def:394

© SecPod Technologies