Macromedia Flash Flash8b.OCX ActiveX Control Remote Denial of Service Vulnerability

Bugtraq ID:	21818
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Dec 29 2006 12:00AM
Updated:	Jan 04 2007 06:27PM
Credit:	shinnai <[email protected]> discovered this vulnerability.
Vulnerable:	Macromedia Flash 8.0.24 .0 Macromedia Flash 8.0.22 .0 Macromedia Flash 8.0.33.0 Macromedia Flash 8.0
Not Vulnerable:

Macromedia Flash Flash8b.OCX ActiveX Control Remote Denial of Service Vulnerability

Macromedia Flash is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to trigger denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.

Macromedia Flash 8 is vulnerable to this issue; other versions may also be affected.

Macromedia Flash Flash8b.OCX ActiveX Control Remote Denial of Service Vulnerability

An example exploit has been provided:

• /data/vulnerabilities/exploits/21818.html

Macromedia Flash Flash8b.OCX ActiveX Control Remote Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

Macromedia Flash Flash8b.OCX ActiveX Control Remote Denial of Service Vulnerability

References:

• Macromedia Homepage (Macromedia)
  
• Microsoft Knowledge Base Article 240797 (Microsoft)