CVE-2005-2628

Severity

51%

Complexity

49%

Confidentiality

106%

Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.

Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

Type

Macromedia Flash

First reported 19 years ago

2005-11-05 11:02:00

Last updated 6 years ago

2018-10-19 15:33:00

Affected Software

Macromedia Flash 6.0

6.0

Macromedia Flash 6.0.29.0

6.0.29.0

Macromedia Flash 6.0.40.0

6.0.40.0

Macromedia Flash 6.0.47.0

6.0.47.0

Macromedia Flash 6.0.65.0

6.0.65.0

Macromedia Flash 6.0.79.0

6.0.79.0

Macromedia Flash 7.0.19.0

7.0.19.0

Macromedia Flash 7.0 r19

7.0_r19

References

APPLE-SA-2006-05-11

17430

17437

17481

17626

17738

20045

20077

1015156

GLSA-200511-21

VU#146284

US Government Resource

http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html

Patch, Vendor Advisory

SUSE-SR:2005:027

18825

RHSA-2005:835

20051105 [EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability

15332

Patch

17951

TA06-129A

US Government Resource

TA06-132A

US Government Resource

ADV-2005-2317

ADV-2006-1744

ADV-2006-1779

MS06-020

flashplayer-swf-execute-code(22959)

oval:org.mitre.oval:def:1557

oval:org.mitre.oval:def:1987

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.