BugTraq
Adobe Flash Player plug-in null pointer dereference and browser crash Oct 02 2008 12:46AM
Matthew Dempsky (matthew mochimedia com) (1 replies)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Mar 11 2009 05:30PM
Matthew Dempsky (matthew mochimedia com) (1 replies)
Re: Adobe Flash Player plug-in null pointer dereference and browser crash Mar 12 2009 01:17PM
Alex Legler (a3li gentoo org)
Hello Matthew,

On Mi, 2009-03-11 at 10:30 -0700, Matthew Dempsky wrote:
> On Wed, Oct 1, 2008 at 5:46 PM, Matthew Dempsky <matthew (at) mochimedia (dot) com [email concealed]> wrote:
> > If a Flash 9 SWF loads two SWF files with different SWF version
> > numbers from two distinct HTTP requests to the exact same URL
> > (including query string arguments), then Adobe's Flash Player plug-in
> > will try to dereference a null pointer. This issue affects at least
> > versions 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 on Windows, OS
> > X, and Linux.
>
> As an update, this issue also affects 10.0.22.87 at least on Windows
> and OS X. I've seen some Linux distributions (e.g., [1]) claim that
> 10.0.22.87 fixes this bug (aka CVE-2008-4546), but I think this is
> mistaken.
>

yes, indeed you are right. Both a user and me could repoduce the issue
with the version we mistakenly marked as not vulnerable.

> You can easily reproduce this bug (i.e., crash your browser) by
> visiting http://flashcrash.dempsky.org/. Be sure to tell your
> friends: it can be the next Rick Roll.
>
> [1] http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml?style=printabl
e
>

We have updated that GLSA to no longer reference this issue.

Thank you for the heads-up!

Regards,
Alex
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)

iEYEABECAAYFAkm5C2MACgkQk3qunHEll7MDpQCgvwgN3FSrn+9z5rc52lkJdfhH
Cw4AnjUujYcBmpk+qDGvijXU3pqq7ScB
=iXIQ
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus