CVE-2008-4546
Published 2008-10-14
Priority P4 · CVSS 2.0 4.3 (medium)
Vector AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS 16.77% (96.6th percentile)
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
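The failure mode above is a double-fetch problem: the player requests the same URL more than once, assumes the second response describes the same file as the first, and falls over when the server changes its answer (here, the SWF version byte). The following is an added example, not code from the page or from Adobe: it parses the SWF header (signature, version, declared length), issues the same request twice, and refuses to treat the resource as loadable when the two answers disagree. `build_swf`, `FlipFlopSource` and the constructed SWF bytes are assumptions made for the demonstration; `FlipFlopSource` models the alternating-version server the advisory describes and is not the original proof of concept.

```python
"""Double-fetch consistency check for SWF resources (added example, not from the advisory)."""
import hashlib
import struct
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

SWF_SIGNATURES = {b"FWS": "uncompressed", b"CWS": "zlib", b"ZWS": "lzma"}


def build_swf(version: int) -> bytes:
    """Construct a minimal, valid uncompressed SWF: header, empty RECT, 12 fps, 1 frame, End tag.
    Constructed sample input; only the version byte varies in this demonstration."""
    body = bytes([0x00])                 # RECT with Nbits=0 (5 zero bits, padded to a byte)
    body += struct.pack("<H", 12 << 8)   # frame rate 12.0 as 8.8 fixed point, little-endian
    body += struct.pack("<H", 1)         # frame count
    body += b"\x00\x00"                  # End tag (code 0, length 0)
    length = 8 + len(body)               # header (8 bytes) + body, as the spec's FileLength
    return b"FWS" + bytes([version]) + struct.pack("<I", length) + body


def parse_swf_header(data: bytes) -> dict:
    """Parse the 8-byte SWF header; raise ValueError instead of guessing on bad input."""
    if len(data) < 8:
        raise ValueError("SWF header truncated")
    sig = bytes(data[:3])
    if sig not in SWF_SIGNATURES:
        raise ValueError(f"not a SWF signature: {sig!r}")
    version = data[3]
    file_length = struct.unpack_from("<I", data, 4)[0]
    return {
        "signature": sig.decode("ascii"),
        "compression": SWF_SIGNATURES[sig],
        "version": version,
        "file_length": file_length,
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def double_fetch_check(fetch, attempts: int = 2):
    """Fetch the same resource `attempts` times and compare what came back.
    Returns (records, consistent). Trusting the first answer's version while parsing
    the second is the failure mode CVE-2008-4546 describes; a hardened consumer
    stops when `consistent` is False rather than continuing with mixed state."""
    records = [parse_swf_header(fetch()) for _ in range(attempts)]
    first = records[0]
    consistent = all(
        r["version"] == first["version"] and r["sha256"] == first["sha256"]
        for r in records[1:]
    )
    return records, consistent


class FlipFlopSource:
    """Hypothetical misbehaving origin: alternates SWF versions on successive requests."""

    def __init__(self, versions=(9, 10)):
        self.versions = versions
        self.calls = 0

    def __call__(self) -> bytes:
        version = self.versions[self.calls % len(self.versions)]
        self.calls += 1
        return build_swf(version)


def run_local_demo():
    """Serve the flip-flop SWF over real HTTP on 127.0.0.1 and run the check against it."""
    source = FlipFlopSource()

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            payload = source()
            self.send_response(200)
            self.send_header("Content-Type", "application/x-shockwave-flash")
            self.send_header("Content-Length", str(len(payload)))
            self.end_headers()
            self.wfile.write(payload)

        def log_message(self, *args):  # keep the demo quiet
            pass

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        url = f"http://127.0.0.1:{server.server_address[1]}/movie.swf"
        return double_fetch_check(lambda: urllib.request.urlopen(url, timeout=5).read())
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    records, ok = run_local_demo()
    for r in records:
        print(f"{r['signature']} v{r['version']} len={r['file_length']} sha256={r['sha256'][:12]}")
    print("consistent:", ok)
```

The comparison uses both the version byte and a digest of the whole body: the advisory's demonstration varies only the version, but any divergence between two fetches of one URL is the same trust problem, so a consumer should compare the full response rather than one field.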
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
CVSS provenance
nvd · v2.0 · 4.3 MEDIUM · AV:N/AC:M/Au:N/C:N/I:N/A:P
vendor_redhat · 4.3 MEDIUM
Red Hat
flash-plugin: crash caused by SWF files with different SWF versions obtained from the same URL
vendor_redhat·2008-10-02·CVSS 4.3
GHSA
GHSA-5xqh-j4c7-9pg5: Adobe Flash Player before 9
ghsa_unreviewed·2022-05-02
No detection rules found.
Bugzilla
flash-plugin: multiple security flaws (APSB10-14)
bugzilla·2010-06-10·CVSS 9.3
Today, 2010-06-10, Adobe is planning to release an update
for Adobe Flash Player of version 10.0.45.2 (new version
is 10.1.53.64), to address multiple security issues allowing
code execution, whose description is detailed in the Adobe
Security Bulletin APSB10-14:
[1] http://www.adobe.com/support/security/bulletins/apsb10-14.html
* This update resolves a memory corruption vulnerability that could lead
to code execution (CVE-2010-1297). Note: There are reports that this
issue is being actively exploited in the wild.
* This update resolves a memory exhaustion vulnerability that could lead
to code execution (CVE-2009-3793).
* This update resolves a memory corruption vulnerability that could lead
to code execution (CVE-2010-2160).
* This u
Bugzilla
CVE-2008-4546 flash-plugin: crash caused by SWF files with different SWF versions obtained from the same URL
bugzilla·2008-10-15·CVSS 4.3
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-4546 to the following vulnerability:
Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10
allows remote web servers to cause a denial of service (NULL pointer
dereference and browser crash) by returning a different response when
an HTTP request is sent a second time, as demonstrated by two
responses that provide SWF files with different SWF version numbers.
References:
http://www.mochimedia.com/~matthew/flashcrash/
http://www.securityfocus.com/archive/1/archive/1/496929/100/0/threaded
Discussion:
Seems to crash both 9.0.124.0 and 10.0.12.36.
---
Reporter confirmed that this issue still exists in
References
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://secunia.com/advisories/32759
http://secunia.com/advisories/40545
http://secunia.com/advisories/43026
http://security.gentoo.org/glsa/glsa-201101-09.xml
http://securityreason.com/securityalert/4401
http://securitytracker.com/id?1024085
http://securitytracker.com/id?1024086
http://support.apple.com/kb/HT4435
http://www.adobe.com/support/security/bulletins/apsb10-14.html
http://www.mochimedia.com/~matthew/flashcrash/
http://www.redhat.com/support/errata/RHSA-2010-0464.html
http://www.redhat.com/support/errata/RHSA-2010-0470.html
http://www.securityfocus.com/archive/1/496929/100/0/threaded
http://www.securityfocus.com/bid/31537
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
http://www.vupen.com/english/advisories/2010/1421
http://www.vupen.com/english/advisories/2010/1432
http://www.vupen.com/english/advisories/2010/1434
http://www.vupen.com/english/advisories/2010/1453
http://www.vupen.com/english/advisories/2010/1482
http://www.vupen.com/english/advisories/2010/1522
http://www.vupen.com/english/advisories/2010/1793
http://www.vupen.com/english/advisories/2011/0192
https://exchange.xforce.ibmcloud.com/vulnerabilities/45630
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16302
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7187