CVE-2007-3456

Impact:
Critical
Public Date:
2007-07-10
CWE:
CWE-20
Bugzilla:
247530: CVE-2007-3456 flash-plugin input validation flaw

The MITRE CVE dictionary describes this issue as:

Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.

Find out more about CVE-2007-3456 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Supplementary 5 (flash-plugin) RHSA-2007:0696 2007-07-12
Red Hat Enterprise Linux AS version 4 Extras (flash-plugin) RHSA-2007:0696 2007-07-12
Red Hat Enterprise Linux AS version 3 Extras (flash-plugin) RHSA-2007:0696 2007-07-12

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.