Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Adobe Flash MX 2004
Adobe Flash Player 8.0
Adobe Flash player 8.0 Basic (not an official CPE)
Adobe Flash player 8.0 Pro (not an official CPE)
Adobe Flash 8.0.24.0
Adobe Flash Player 8.0.34.0
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.39.0
Adobe Flash Player 9.0.16
Adobe Flash Player 9.0.20
Adobe Flash Player 9.0.20.0
Adobe Flash Player 9.0.28
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 9.0.124.0
Adobe Flash Player 10.0.0.584
Adobe Flex 3.0 (not an official CPE)
Adobe Flash Player 10.0.22.87
Adobe Flash Player 10.0.12.36
Adobe Flash Player 10.0.12.10
Adobe Flash MX 2004
Adobe Flash MX 2004
Adobe Flash Player 7.0.70.0
Adobe Flash Player 7.0.69.0
Adobe Flash player 7.0.63 Linux (not an official CPE)
Adobe Flash Player 7.0.63
Adobe Flash Player 7.0.25
Adobe Flash MX 2004
Adobe Flash MX 2004
Adobe Air 1.5.1 (not an official CPE)
Adobe Air 1.5 (not an official CPE)
Adobe Air 1.1 (not an official CPE)
Adobe Air 1.0 (not an official CPE)