Описание
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 10.0.32.18-1karmic2 |
| hardy | released | 10.0.32.18-1hardy1 |
| intrepid | released | 10.0.32.18-1intrepid1 |
| jaunty | released | 10.0.32.18-1jaunty1 |
| karmic | released | 10.0.32.18-1karmic2 |
| upstream | released | 10.0.32.18 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | |
| devel | released | 10.0.32.18ubuntu1 |
| hardy | released | 9.0.246.0ubuntu1 |
| intrepid | released | 10.0.32.18ubuntu0.8.10.1 |
| jaunty | released | 10.0.32.18ubuntu0.9.04.1 |
| karmic | released | 10.0.32.18ubuntu1 |
| upstream | released | 10.0.32.18 |
Показывать по
Ссылки на источники
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
EPSS
9.3 Critical
CVSS2