Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Adobe Flash Player 10.0.32.18
Adobe Flash Player 10.0.22.87
Adobe Flash Player 10.0.12.36
Adobe Flash Player 10.0.0.584
Adobe Flash Player 10.0.12.10
Adobe Flash Player 9.125.0
Adobe Flash 9.0.155.0
Adobe Flash Player 9.0.159.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.124.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.31
Adobe Flash Player 9.0.28
Adobe Flash Player 9.0.20.0
Adobe Flash Player 9.0.20
Adobe Flash Player 9.0
Adobe Flash Player 9.0.16
Adobe Flash Player 9.0.18d60
Adobe Flash Player 8.0.39.0
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.34.0
Adobe Flash player 8.0 Pro (not an official CPE)
Adobe Flash 8.0.24.0
Adobe Flash player 8.0 Basic (not an official CPE)
Adobe Flash Player 8.0
Adobe Flash player 8 Professional (not an official CPE)
Adobe Flash player 8 Pro (not an official CPE)
Adobe Flash MX 2004
Adobe Flash MX 2004
Adobe Flash MX 2004
Adobe Flash Player 7.0.70.0
Adobe Flash Player 7.0.69.0
Adobe Flash Player 7.0.63
Adobe Flash MX 2004
Adobe Flash Player 7.0.25
Adobe Flash MX 2004
Adobe Adobe Integrated Runtime (AIR) 1.5.2
Adobe Adobe Integrated Runtime 1.5.1
Adobe Adobe Integrated Runtime (AIR) 1.1
Adobe Adobe Integrated Runtime 1.0.1
Adobe Adobe Integrated Runtime (AIR) 1.0