Adobe Flash Player <= 10.0.22 and AIR - 'intf_count' Integer Overflow Vulnerability

2009-07-30T00:00:00
ID EDB-ID:33134
Type exploitdb
Reporter Roee Hay
Modified 2009-07-30T00:00:00

Description

Adobe Flash Player 10.0.22 and AIR 'intf_count' Integer Overflow Vulnerability. CVE-2009-1869. Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/35907/info

Adobe Flash Player and Adobe AIR are prone to an integer-overflow vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition.

This issue was previously covered in BID 35890 (Adobe Flash Player and AIR Multiple Security Vulnerabilities) but has been given its own record to better document it.

UPDATE (September 4, 2009): Mac OS X 10.6 reportedly ships with Flash Player 10.0.23.1, which will overwrite any installed version of Flash Player when Mac OS X is being installed.

This issue affects versions *prior to* the following:

Flash Player 10.0.32.18
AIR 1.5.2 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/33134.zip