CVE-2005-3591

Published: Nov 16, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628.

Affected (8)

Products: Macromedia: Flash Player

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Macromedia Flash Player	Version 6.0.29.0
Macromedia Flash Player	Version 6.0.40.0
Macromedia Flash Player	Version 6.0.47.0
Macromedia Flash Player	Version 6.0.65.0
Macromedia Flash Player	Version 6.0.79.0
Macromedia Flash Player	Version 6.0
Macromedia Flash Player	Version 7.0.19.0
Macromedia Flash Player	Version 7.0_r19

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (26)

http://marc.info/?l=bugtraq&m=113140426614670&w=2

Source: cve@mitre.org

http://secunia.com/advisories/17430/

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/17437/

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17481/

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17626/

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/17738/

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/149

Source: cve@mitre.org

http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html

Source: cve@mitre.org

Vendor Advisory

http://www.microsoft.com/technet/security/advisory/910550.mspx

Source: cve@mitre.org

Vendor Advisory

http://www.sec-consult.com/226.html

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/15334

Source: cve@mitre.org

ExploitPatch

http://www.vupen.com/english/advisories/2005/2317

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/23022

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=113140426614670&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17430/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/17437/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17481/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17626/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/17738/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/149

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.microsoft.com/technet/security/advisory/910550.mspx

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.sec-consult.com/226.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/15334

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.vupen.com/english/advisories/2005/2317

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/23022

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.