CVE-2006-3311

Currently unrated

Key Information:

Vendor: Adobe
Status: Flash Player; Flex Sdk
Vendor: CVE Published:; 12 September 2006

Summary

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

References

http://www.vupen.com/english/advisories/2006/3573

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/22054

third-party-advisoryx_refsource_SECUNIA

http://www.us-cert.gov/cas/techalerts/TA06-318A.html

third-party-advisoryx_refsource_CERT

EPSS Score

68% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 12, 2006
Vulnerability Reserved
Jun 29, 2006