cbcvebase.
CVE-2007-3456
published 2007-07-11

CVE-2007-3456: Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long…

PriorityP359critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
56.31%
98.9th percentile
Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.

Affected

9 ranges
VendorProductVersion rangeFixed in
adobeflash_player<= 9.0.45.0
adobeflash_player
adobeflash_player
adobeflash_player
adobeflash_player
adobeflash_player
adobeflash_player
adobeflash_player
adobeflash_player

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30288.zip
  • Detect crafted SWF or FLV files containing an abnormally large length value for a Long string or XML variable type, which may indicate exploitation of the integer overflow in Adobe Flash Player.
  • Flag delivery of .SWF files from untrusted or unexpected sources to end users, as the exploit vector involves tricking a victim into opening a malicious SWF file.
  • Monitor for Flash Player process executing arbitrary code following parsing of SWF/FLV content, consistent with a signed integer comparison bypass on length values assumed to be non-negative.
  • ·Affected versions span multiple major branches of Adobe Flash Player; ensure detection coverage includes all three affected version lines.
  • ·The vulnerability is triggered via both FLV and SWF file formats; detection rules should cover both file types, not just SWF.

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.