TUCoPS :: Browsers :: expl5326.htm

Internet Explorer Macromedia Flash plugin (flash.ocx) buffer overflow
3rd May 2002 [SBWID-5326]
COMMAND

	Macromedia Flash IE plugin (flash.ocx) buffer overflow

SYSTEMS AFFECTED

	Flash Activex Ocx Version 6

PROBLEM

	Marc Maiffret of eEye Digital  Security  [http://www.eEye.com]  reported
	that flash plugin for windows (an ActiveX  control)  can  overflow  with
	long parameters.
	

	See sample below :
	

	<OBJECT classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\">

	<PARAM NAME=movie

	VALUE=\"http://www.notthere8979873.com/notthere.swf?AAA[...unstated, but

	fixed number]XXXXXXXX\">

	</OBJECT>

	

SOLUTION

	Update to last version

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH