Intrusion Prevention



This indicates an attack attempt against a denial-of-service vulnerability in Adobe Flash Player.
The vulnerability is caused by an error when the vulnerable software handles two responses for the same HTTP request, which includes SWF files with different version numbers. It allows a remote attacker to crash the vulnerable software via sending two crafted HTTP responses.

Affected Products

Adobe Flash Player and earlier versions for Windows, Macintosh, Linux and Solaris
Adobe AIR and earlier versions for Windows, Macintosh and Linux


Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:

CVE References