CVE-2008-5362

CVE-2008-5362 covers a vulnerability in the DefineConstantPool action of the ActionScript 2 VM in Adobe Flash Player 10.x (before 10.0.12.36) and 9.x (before 9.0.151.0), and Adobe AIR before 1.5. The issue arises when an untrusted input value is accepted for a "constant count," enabling a remote ...

CVE-2008-5363

The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service NULL pointer...

CVE-2008-5361

The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing 1 DefineConstantPool, 2 ActionJump, 3 ActionPush, 4 ActionTry, and unspecified other actions, which allows...

CVE-2008-5361

Adobe Flash Player and Adobe AIR are affected by CVE-2008-5361. The vulnerability arises because the ActionScript 2 VM does not verify a member element’s size when performing DefineConstantPool, ActionJump, ActionPush, and ActionTry (and related actions), enabling a remote attacker to read sensit...