CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
83.8%
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.
Vendor | Product | Version | CPE |
---|---|---|---|
macromedia | flash_player | 4.0_r12 | cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:* |
macromedia | flash_player | 5.0 | cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:* |
macromedia | flash_player | 5.0_r50 | cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:* |
macromedia | flash_player | 6.0 | cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:* |
macromedia | flash_player | 6.0.29.0 | cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:* |
macromedia | flash_player | 6.0.40.0 | cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:* |
macromedia | flash_player | 6.0.47.0 | cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:* |