CVE-2006-3311

Severity

51%

Complexity

49%

Confidentiality

106%

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

First reported 18 years ago

2006-09-12 23:07:00

Last updated 6 years ago

2018-10-18 16:46:00

Affected Software

アドビシステムズ フラッシュプレーヤー

アドビシステムズ Flex 1.5

1.5

References

APPLE-SA-2006-09-29

21865

Patch, Vendor Advisory

21901

22054

22187

22268

22882

GLSA-200610-02

1546

1016829

http://www.adobe.com/support/security/bulletins/apsb06-11.html

Patch

http://www.computerterrorism.com/research/ct12-09-2006.htm

Exploit, Patch, Vendor Advisory

VU#451380

US Government Resource

SUSE-SA:2006:053

RHSA-2006:0674

20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability

19980

TA06-275A

US Government Resource

TA06-318A

US Government Resource

ADV-2006-3573

ADV-2006-3577

ADV-2006-3852

ADV-2006-4507

MS06-069

flashplayer-swf-string-bo(28886)

oval:org.mitre.oval:def:394

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.