Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an input validation error, including a signed comparison of values that are assumed to be non-negative.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Flash_player | Adobe | * | 9.0.45.0 (including) |
| Flash_player | Adobe | 9.0.16 (including) | 9.0.16 (including) |
| Flash_player | Adobe | 9.0.18d60 (including) | 9.0.18d60 (including) |
| Flash_player | Adobe | 9.0.20 (including) | 9.0.20 (including) |
| Flash_player | Adobe | 9.0.20.0 (including) | 9.0.20.0 (including) |
| Flash_player | Adobe | 9.0.28 (including) | 9.0.28 (including) |
| Flash_player | Adobe | 9.0.28.0 (including) | 9.0.28.0 (including) |
| Flash_player | Adobe | 9.0.31 (including) | 9.0.31 (including) |
| Flash_player | Adobe | 9.0.31.0 (including) | 9.0.31.0 (including) |
| Flashplugin-nonfree | Ubuntu | dapper | * |
| Flashplugin-nonfree | Ubuntu | devel | * |
| Flashplugin-nonfree | Ubuntu | edgy | * |
| Flashplugin-nonfree | Ubuntu | feisty | * |
| Flashplugin-nonfree | Ubuntu | gutsy | * |
| Flashplugin-nonfree | Ubuntu | hardy | * |
| Flashplugin-nonfree | Ubuntu | intrepid | * |
| Flashplugin-nonfree | Ubuntu | jaunty | * |
| Flashplugin-nonfree | Ubuntu | karmic | * |
| Extras for RHEL 3 | RedHat | flash-plugin-0:9.0.48.0-1.el3.with.oss | * |
| Extras for RHEL 4 | RedHat | flash-plugin-0:9.0.48.0-1.el4 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | flash-plugin-0:9.0.48.0-1.el5 | * |