exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

flash9-dereference.txt

flash9-dereference.txt
Posted Oct 2, 2008
Authored by Matthew Dempsky | Site mochimedia.com

Flash 9 appears to suffer from a null pointer dereferencing in versions 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10.

tags | advisory
SHA-256 | b84f3bfe3438ff728cc28979e6d2e12be371835c7250483226cba3cd25d3929b

flash9-dereference.txt

Change Mirror Download
If a Flash 9 SWF loads two SWF files with different SWF version
numbers from two distinct HTTP requests to the exact same URL
(including query string arguments), then Adobe's Flash Player plug-in
will try to dereference a null pointer. This issue affects at least
versions 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 on Windows, OS
X, and Linux. For browsers where plug-ins run in the same process
(e.g., Internet Explorer 6 and 7, Firefox 3, and Safari 3 on Windows
and OS X), this causes the entire browser process to crash.

Sample code demonstrating this issue is available at
http://www.mochimedia.com/~matthew/flashcrash/.

On 2008.09.22, I submitted this issue to Adobe's JIRA bug tracking
system, which recorded it as issue #FP-677. On 2008.09.23, the ticket
was changed to private for security reasons, and Adobe told me they
were able to reproduce the issue and were investigating it. On
2008.09.26, I told Adobe I planned on submitting this issue to BugTraq
and asked if they had found any workarounds for users that I could
include. On 2008.10.01, they told me they had resolved the problem
and that a fix will be included in the next public update, but they
did not provide any workarounds.

--
Matthew Dempsky
http://www.mochimedia.com
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close