cbcvebase.
CVE-2006-3311
published 2006-09-12

CVE-2006-3311: Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute…

PriorityP432medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
16.61%
96.6th percentile
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

Affected

4 ranges
VendorProductVersion rangeFixed in
adobeflash_player<= 8.0.24.0
adobeflash_player
adobeflash_player
adobeflex_sdk

Detection & IOCsextracted from sources · hover to see the quote

  • Exploit vector is a malicious SWF movie file containing a long, dynamically created string triggering a buffer overflow in Adobe Flash Player
  • ·Vulnerability affects Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5; detections should target these specific versions
  • ·CVE-2006-3014 mentioned in the same Adobe advisory (APSB06-11) but only affects the Windows platform — scope detections accordingly

CVSS provenance

nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
vendor_redhat5.1MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.