QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-3456

Back to search

CVE-2007-3456

Published: Jul 11, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.

VendorProductVersions

n/a

n/a

affected
n/a

References

28068
third-party-advisory
x_refsource_SECUNIA
1018359
vdb-entry
x_refsource_SECTRACK
RHSA-2007:0696
vendor-advisory
x_refsource_REDHAT
26357
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2007:046
vendor-advisory
x_refsource_SUSE
201506
vendor-advisory
x_refsource_SUNALERT
38054
vdb-entry
x_refsource_OSVDB
ADV-2007-4190
vdb-entry
x_refsource_VUPEN
26444
vdb-entry
x_refsource_BID
GLSA-200708-01
vendor-advisory
x_refsource_GENTOO
26027
third-party-advisory
x_refsource_SECUNIA
TA07-192A
third-party-advisory
x_refsource_CERT
26118
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11493
vdb-entry
signature
x_refsource_OVAL
APPLE-SA-2007-11-14
vendor-advisory
x_refsource_APPLE
VU#730785
third-party-advisory
x_refsource_CERT-VN
ADV-2007-3868
vdb-entry
x_refsource_VUPEN
24856
vdb-entry
x_refsource_BID
ADV-2007-2497
vdb-entry
x_refsource_VUPEN
20070720 FLEA-2007-0032-1: flashplayer
mailing-list
x_refsource_BUGTRAQ
103167
vendor-advisory
x_refsource_SUNALERT
27643
third-party-advisory
x_refsource_SECUNIA
26057
third-party-advisory
x_refsource_SECUNIA
TA07-319A
third-party-advisory
x_refsource_CERT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now