Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an input validation error, including a signed comparison of values that are assumed to be non-negative.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Flash_player | Adobe | * | 9.0.45.0 (including) |
Flash_player | Adobe | 9.0.16 (including) | 9.0.16 (including) |
Flash_player | Adobe | 9.0.18d60 (including) | 9.0.18d60 (including) |
Flash_player | Adobe | 9.0.20 (including) | 9.0.20 (including) |
Flash_player | Adobe | 9.0.20.0 (including) | 9.0.20.0 (including) |
Flash_player | Adobe | 9.0.28 (including) | 9.0.28 (including) |
Flash_player | Adobe | 9.0.28.0 (including) | 9.0.28.0 (including) |
Flash_player | Adobe | 9.0.31 (including) | 9.0.31 (including) |
Flash_player | Adobe | 9.0.31.0 (including) | 9.0.31.0 (including) |