Vulnerability Note VU#146284
Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file
A buffer overflow vulnerability in some versions of the Macromedia Flash Player may allow a remote attacker to execute code on a vulnerable system.
The Macromedia Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser.
Some versions of the Flash Player, specifically 18.104.22.168 and earlier, contain an array bounds checking error in the way that they handle a frame type identifier read from the Flash (SWF) file. This error can result in a heap memory access vulnerability that could allow an attacker to execute arbitrary code. A maliciously crafted SWF that exploits this vulnerability could be supplied through a web page, for example.
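The class of error described above, a type identifier taken from a file and used as an array index, is prevented by validating the identifier against the table size before the lookup. The following is an added example, not Flash Player code: the record layout (`[type][len][payload]`), the handler table and all names are hypothetical, and the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical record stream (NOT the real SWF layout): [type:1][len:1][payload:len] */
enum { REC_TRUNCATED = -1, REC_BAD_TYPE = -2 };

typedef int (*handler_fn)(const uint8_t *payload, size_t len);

static int on_end(const uint8_t *p, size_t n)   { (void)p; (void)n; return 0; }
static int on_show(const uint8_t *p, size_t n)  { (void)p; (void)n; return 1; }
static int on_label(const uint8_t *p, size_t n) { (void)p; return (int)n; }

/* Dispatch table indexed by the type identifier read from the file. */
static const handler_fn handlers[] = { on_end, on_show, on_label };
#define NUM_HANDLERS (sizeof handlers / sizeof handlers[0])

/* Returns the number of records dispatched, or a negative REC_* error. */
int parse_records(const uint8_t *buf, size_t size)
{
    size_t off = 0;
    int count = 0;
    while (off < size) {
        if (size - off < 2) return REC_TRUNCATED;      /* header incomplete */
        uint8_t type = buf[off], len = buf[off + 1];
        off += 2;
        /* The identifier is untrusted input: reject it before indexing.
           Without this check, handlers[type] reads past the end of the table. */
        if (type >= NUM_HANDLERS) return REC_BAD_TYPE;
        if (len > size - off) return REC_TRUNCATED;    /* payload overruns buffer */
        handlers[type](buf + off, len);
        off += len;
        count++;
        if (type == 0) break;                          /* end record */
    }
    return count;
}

/* Constructed sample inputs. */
static const uint8_t sample_ok[]        = { 1, 0, 2, 3, 'a', 'b', 'c', 0, 0 };
static const uint8_t sample_bad_type[]  = { 1, 0, 0xC8, 0, 0, 0 };
static const uint8_t sample_truncated[] = { 2, 5, 'a' };

int main(void)
{
    printf("ok=%d bad_type=%d truncated=%d\n",
           parse_records(sample_ok, sizeof sample_ok),
           parse_records(sample_bad_type, sizeof sample_bad_type),
           parse_records(sample_truncated, sizeof sample_truncated));
    return 0;
}
```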
A remote attacker with the ability to supply a specially crafted SWF file to a vulnerable host may be able to execute arbitrary code on that system. The attacker-supplied code would be executed with the privileges of the user opening the file.
Apply a patch
Systems Affected

| Vendor | Status | Date Notified | Date Updated |
| --- | --- | --- | --- |
| Apple Computer, Inc. | Affected | 15 Nov 2005 | 09 May 2006 |
| Gentoo Linux | Affected | - | 28 Nov 2005 |
| Macromedia, Inc. | Affected | 15 Nov 2005 | 15 Nov 2005 |
| Microsoft Corporation | Affected | 15 Nov 2005 | 09 May 2006 |
| Red Hat, Inc. | Affected | - | 11 Nov 2005 |
CVSS Metrics
- CVE IDs: CVE-2005-2628
- Date Public: 07 Nov 2005
- Date First Published: 11 Nov 2005
- Date Last Updated: 09 May 2006
- Severity Metric: 13.50
- Document Revision: 19