Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
Publish date: 21 de julio de 2015
Gravedad: Medio
Identificadores de CVE : CVE-2008-4546
Fecha recomendada: 21 de julio de 2015
Descripción
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Revelación de la información
- 1002948 - Adobe Flash Player SWF Version Null Pointer Dereference Denial Of Service
Soluciones
Trend Micro Deep Security DPI Rule Number: 1002948
Trend Micro Deep Security DPI Rule Name: 1002948 - Adobe Flash Player SWF Version Null Pointer Dereference Denial Of Service
Software y versión afectados
- adobe flash_player 10.0.12.10
- adobe flash_player 9.0.112.0
- adobe flash_player 9.0.115.0
- adobe flash_player 9.0.45.0