Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Flash_player | Adobe | 8.0 (including) | 8.0.39.0 (including) |
Flash_player | Adobe | 9.0 (including) | 9.0.115.0 (including) |