CVE-2008-4546
Last modified
CVE-2008-4546 is a vulnerability of currently unknown severity. Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.. EPSS estimates a 16.77% chance of exploitation in the next 30 days.
Description
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | 9.0.45.0 |
| Adobe | Flash Player | 9.0.112.0 |
| Adobe | Flash Player | 9.0.115.0 |
| Adobe | Flash Player | 10.0.12.10 |
References
- http://www.us-cert.gov/cas/techalerts/TA10-162A.htmlUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA10-162A.htmlUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-4546?
How severe is CVE-2008-4546?
How do I fix CVE-2008-4546?
Are you affected by CVE-2008-4546?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST