Vulnerability Note VU#475645
Macromedia Flash plug-in contains buffer overflow
Incorrectly formatted sound wave (SWF) files may cause a buffer overflow in the Macromedia Flash plug-in.
If the length fields in an SWF file specify fewer data than are actually present in the file, processing the file may cause a buffer overflow in the Macromedia Flash plug-in.
The plug-in or browser may crash. Since this buffer is only read from, this overflow is unlikely to cause execution of malicious code.
While Macromedia did not produce a patch to correct this problem, it is possible that recent versions of the plug-in have corrected this problem.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Macromedia||Affected||29 Dec 2000||15 May 2001|
CVSS Metrics (Learn More)
Neal Krawetz published the intial description of this problem.
This document was last modified by Tim Shimeall
- CVE IDs: CAN-2001-0166
- Date Public: 29 Dec 2000
- Date First Published: 17 May 2001
- Date Last Updated: 20 Jun 2001
- Severity Metric: 0.49
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.