header-logo
Suggest Exploit
vendor:
Flash ActiveX
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overrun Condition
120
CWE
Product Name: Flash ActiveX
Affected Version From: 6.0.47
Affected Version To: 6.0.47
Patch Exists: Yes
Related CWE: N/A
CPE: a:macromedia:flash_activex
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Buffer Overrun Condition in Macromedia Flash Objects

A buffer overrun condition has been discovered in the SWRemote parameter used in Macromedia Flash objects. By triggering the overrun it is possible for an attacker to corrupt sensitive heap memory. Exploiting this issue may allow a remote attacker to redirect program flow to malicious shellcode, resulting in the execution of arbitrary commands with the privileges of the browser process.

Mitigation:

Upgrade to the latest version of Macromedia Flash ActiveX.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6196/info

A buffer overrun condition has been discovered in the SWRemote parameter used in Macromedia Flash objects. By triggering the overrun it is possible for an attacker to corrupt sensitive heap memory.

Exploiting this issue may allow a remote attacker to redirect program flow to malicious shellcode, resulting in the execution of arbitrary commands with the privileges of the browser process.

This vulnerability was discovered in Macromedia Flash ActiveX 6.0.47. It is not yet known if earlier versions are affected.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22022.zip

Navigation

Suggest Exploit

Services By CQR