FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-0071

This CVE name corresponds to:

Entered Topic
2008-05-30 linux-flashplugin -- unspecified remote code execution vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-0071
Phase Assigned(20070104)

Description

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow.

References

Source Reference
ISS 20080408 Adobe Flash Player Invalid Pointer Vulnerability
MISC http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
MISC http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
MISC http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
MISC http://isc.sans.org/diary.html?storyid=4465
MISC http://www.zerodayinitiative.com/advisories/ZDI-08-032/
CONFIRM http://www.adobe.com/support/security/bulletins/apsb08-11.html
APPLE APPLE-SA-2008-05-28
GENTOO GLSA-200804-21
REDHAT RHSA-2008:0221
SUNALERT 238305
SUSE SUSE-SA:2008:022
CERT TA08-100A
CERT TA08-150A
CERT TA08-149A
CERT-VN VU#159523
CERT-VN VU#395473
BID 28695
BID 29386
OVAL oval:org.mitre.oval:def:10379
VUPEN ADV-2008-1662
VUPEN ADV-2008-1697
VUPEN ADV-2008-1724
OSVDB 44282
SECTRACK 1019811
SECTRACK 1020114
SECUNIA 29763
SECUNIA 29865
SECUNIA 30404
SECUNIA 30430
SECUNIA 30507
XF multimedia-file-integer-overflow(37277)