CVE - CVE-2008-4546

CVE-ID
CVE-2008-4546	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2010-11-10-1 URL:http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html BID:31537 URL:http://www.securityfocus.com/bid/31537 BUGTRAQ:20081002 Adobe Flash Player plug-in null pointer dereference and browser crash URL:http://www.securityfocus.com/archive/1/496929/100/0/threaded CERT:TA10-162A URL:http://www.us-cert.gov/cas/techalerts/TA10-162A.html CONFIRM:http://support.apple.com/kb/HT4435 CONFIRM:http://www.adobe.com/support/security/bulletins/apsb10-14.html GENTOO:GLSA-201101-09 URL:http://security.gentoo.org/glsa/glsa-201101-09.xml HP:HPSBMA02547 URL:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 HP:SSRT100179 URL:http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 MISC:http://www.mochimedia.com/~matthew/flashcrash/ OVAL:oval:org.mitre.oval:def:16302 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16302 OVAL:oval:org.mitre.oval:def:7187 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7187 REDHAT:RHSA-2010:0464 URL:http://www.redhat.com/support/errata/RHSA-2010-0464.html REDHAT:RHSA-2010:0470 URL:http://www.redhat.com/support/errata/RHSA-2010-0470.html SECTRACK:1024085 URL:http://securitytracker.com/id?1024085 SECTRACK:1024086 URL:http://securitytracker.com/id?1024086 SECUNIA:32759 URL:http://secunia.com/advisories/32759 SECUNIA:40545 URL:http://secunia.com/advisories/40545 SECUNIA:43026 URL:http://secunia.com/advisories/43026 SREASON:4401 URL:http://securityreason.com/securityalert/4401 SUSE:SUSE-SA:2010:024 URL:http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html SUSE:SUSE-SR:2008:025 URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html SUSE:SUSE-SR:2010:013 URL:http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html TURBO:TLSA-2010-19 URL:http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt VUPEN:ADV-2010-1421 URL:~~http://www.vupen.com/english/advisories/2010/1421~~ (Obsolete source) VUPEN:ADV-2010-1432 URL:~~http://www.vupen.com/english/advisories/2010/1432~~ (Obsolete source) VUPEN:ADV-2010-1434 URL:~~http://www.vupen.com/english/advisories/2010/1434~~ (Obsolete source) VUPEN:ADV-2010-1453 URL:~~http://www.vupen.com/english/advisories/2010/1453~~ (Obsolete source) VUPEN:ADV-2010-1482 URL:~~http://www.vupen.com/english/advisories/2010/1482~~ (Obsolete source) VUPEN:ADV-2010-1522 URL:~~http://www.vupen.com/english/advisories/2010/1522~~ (Obsolete source) VUPEN:ADV-2010-1793 URL:~~http://www.vupen.com/english/advisories/2010/1793~~ (Obsolete source) VUPEN:ADV-2011-0192 URL:~~http://www.vupen.com/english/advisories/2011/0192~~ (Obsolete source) XF:adobe-flash-version-dos(45630) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45630
Assigning CNA
MITRE Corporation
Date Record Created
20081014	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20081014)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)