CERTA-2002-AVI-098

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Il existe une vulnérabilité dans le contrôle ActiveX Macromedia Flash Player.

Un utilisateur mal intentionné peut effectuer un débordement de mémoire pour exécuter du code arbitraire à distance par l'intermédiaire d'un site web ou d'un mél contenant un code malicieux.

Solution

Consulter le bulletin de sécurité de Macromedia (voir paragraphe Documentation) pour connaitre la disponibilité des versions mises à jour.

Toute application utilisant le contrôle ActiveX Macromedia Flash Player version 6, révision 23. De nombreuses applications, comme les navigateurs Internet Explorer et Netscape Navigator sous Windows par exemple, utilisent ce contrôle ActiveX.

Consulter le bulletin de sécurité de Macromedia pour connaitre la version de votre contrôle ActiveX Macromedia Flash Player .

Impacted products
Vendor Product Description
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eToute application utilisant le contr\u00f4le ActiveX Macromedia  Flash Player version 6, r\u00e9vision 23. De nombreuses applications,  comme les navigateurs Internet Explorer et Netscape Navigator  sous Windows par exemple, utilisent ce contr\u00f4le ActiveX.\u003c/P\u003e  \u003cP\u003eConsulter le bulletin de s\u00e9curit\u00e9 de Macromedia pour connaitre  la version de votre contr\u00f4le ActiveX Macromedia Flash Player  .\u003c/P\u003e",
  "content": "## Description\n\nIl existe une vuln\u00e9rabilit\u00e9 dans le contr\u00f4le ActiveX Macromedia Flash\nPlayer.\n\nUn utilisateur mal intentionn\u00e9 peut effectuer un d\u00e9bordement de m\u00e9moire\npour ex\u00e9cuter du code arbitraire \u00e0 distance par l\u0027interm\u00e9diaire d\u0027un\nsite web ou d\u0027un m\u00e9l contenant un code malicieux.\n\n## Solution\n\nConsulter le bulletin de s\u00e9curit\u00e9 de Macromedia (voir paragraphe\nDocumentation) pour connaitre la disponibilit\u00e9 des versions mises \u00e0\njour.\n",
  "cves": [],
  "links": [
    {
      "title": "Note d\u0027information technique de Macromedia :",
      "url": "http://www.macromedia.com/support/flash/ts/documents/buf_ovflow_623.htm"
    }
  ],
  "reference": "CERTA-2002-AVI-098",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2002-05-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 du contr\u00f4le ActiveX Macromedia Flash Player version 6 revision 23",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 de Macromedia",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.