Adobe Flash Player 9/10 - SWF Version Null Pointer Dereference Denial of Service

Author: Matthew Dempsky
type: dos
platform: linux
port: 
date_added: 2008-10-02 
date_updated: 2014-03-24 
verified: 1 
codes: CVE-2008-4546;OSVDB-50073 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/31537/info

Adobe Flash Player Plugin is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue will allow attackers to crash the browser that uses the plugin, denying service to legitimate users.

The following versions of Flash Player Plugin are vulnerable:

9.0.45.0
9.0.112.0
9.0.124.0
10.0.12.10

UPDATE (March 11, 2009): Flash Player Plugin 10.0.22.87 is vulnerable.

UPDATE (September 4, 2009): Mac OS X 10.6 reportedly ships with Flash Player 10.0.23.1, which will overwrite any installed version of Flash Player when Mac OS X is being installed.

UPDATE (June 10, 2010): Flash Player 10.1.53.64 and 9.0.227.0 are available.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/32452.zip