Description
Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Adobe / Flash Player6.0.79 – 6.0.79
References
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7580
- MISChttp://securitytracker.com/id?1023435
- MISChttp://www.kb.cert.org/vuls/id/204889
- MISChttp://secunia.com/secunia_research/2007-77/
- VENDOR_ADVISORYhttp://secunia.com/advisories/27105
- MISChttp://www.microsoft.com/technet/security/advisory/979267.mspx