[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90132

 
 

140

Paid content will be excluded from the download.


Download | Alert*
OVAL

DNS rebinding attack vulnerability in Adobe Flash Player or Adobe Air

ID: oval:org.secpod.oval:def:9348Date: (C)2013-02-26   (M)2018-10-22
Class: VULNERABILITYFamily: windows




The host is installed with Adobe Flash Player 9.x before 9.0.124.0 or Adobe Air before 1.0.1 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted SWF file with a negative Scene Count value. Successful exploitation could allow remote attackers to trigger a buffer overflow.

Platform:
Microsoft Windows Server 2016
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 10
Microsoft Windows 8
Microsoft Windows Server 2012
Product:
Adobe Flash Player
Adobe AIR
Reference:
CVE-2007-0071
CVE    1
CVE-2007-0071
CPE    20
cpe:/a:adobe:flash_player:9::x86
cpe:/a:adobe:flash_player_activex:9::x86
cpe:/a:adobe:air:::x86
cpe:/a:adobe:flash_player:9.0.114.0
...

© SecPod Technologies