Lucene search

MitreCVE-2002-1881

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1881

2005-06-2804:00:00

mitre

web.nvd.nist.gov

nvd

cve-2002-1881

macromedia flash player

remote attack

web browser

crash

swf

denial of service

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON

Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.

Affected configurations

Nvd

Node

macromediaflash_playerMatch4.0_r12

macromediaflash_playerMatch5.0

macromediaflash_playerMatch5.0_r50

macromediaflash_playerMatch6.0

macromediaflash_playerMatch6.0.29.0

macromediaflash_playerMatch6.0.40.0

macromediaflash_playerMatch6.0.47.0

VendorProductVersionCPE
macromediaflash_player4.0_r12cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*
macromediaflash_player5.0cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*
macromediaflash_player5.0_r50cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*
macromediaflash_player6.0cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
macromediaflash_player6.0.29.0cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*
macromediaflash_player6.0.40.0cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*
macromediaflash_player6.0.47.0cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
macromedia	flash_player	4.0_r12	cpe:2.3:a:macromedia:flash_player:4.0_r12:::::::*
macromedia	flash_player	5.0	cpe:2.3:a:macromedia:flash_player:5.0:::::::*
macromedia	flash_player	5.0_r50	cpe:2.3:a:macromedia:flash_player:5.0_r50:::::::*
macromedia	flash_player	6.0	cpe:2.3:a:macromedia:flash_player:6.0:::::::*
macromedia	flash_player	6.0.29.0	cpe:2.3:a:macromedia:flash_player:6.0.29.0:::::::*
macromedia	flash_player	6.0.40.0	cpe:2.3:a:macromedia:flash_player:6.0.40.0:::::::*
macromedia	flash_player	6.0.47.0	cpe:2.3:a:macromedia:flash_player:6.0.47.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-08/0088.html

www.iss.net/security_center/static/9843.php

www.securityfocus.com/bid/5445

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON

Related for CVE-2002-1881