virus logo Intrusion Prevention

Adobe.Flash.Player.SWF.Version.Null.Pointer.Dereference.DoS

description-logoDescription

This indicates an attack attempt against a denial-of-service vulnerability in Adobe Flash Player.
The vulnerability is caused by an error when the vulnerable software handles two responses for the same HTTP request, which includes SWF files with different version numbers. It allows a remote attacker to crash the vulnerable software via sending two crafted HTTP responses.

affected-products-logoAffected Products

Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris
Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.adobe.com/support/security/bulletins/apsb10-14.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://www.adobe.com/support/security/bulletins/apsb10-14.html http://www.mochimedia.com/~matthew/flashcrash/
ID 23428
Created Jun 14, 2010
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2008-4546
Exploit Prediction Score 0.96%
Default Action drop
Active
Affected OS Windows, Linux, Solaris, MacOS
Affected App Adobe