Heap-based buffer overflow vulnerability in Adobe Flash Player or Adobe AIR via an MP3 file with COMM tags that are mishandled during memory allocation (Mac OS X)| ID: oval:org.secpod.oval:def:32097 | Date: (C)2015-12-17 (M)2022-11-24 |
| Class: VULNERABILITY | Family: macos |
The host is installed with Adobe Flash Player before 18.0.0.268, 19.x, 20.x before 20.0.0.228 or Adobe AIR before 20.0.0.204 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle an MP3 file with COMM tags that are mishandled during memory allocation. Successful exploitation could allow attackers to execute arbitrary code.
| Platform: |
| Apple Mac OS 12 |
| Apple Mac OS 11 |
| Apple Mac OS X 10.14 |
| Apple Mac OS X 10.15 |
| Apple Mac OS X 10.12 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X 10.8 |
| Apple Mac OS X 10.9 |
| Apple Mac OS X 10.10 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X Server 10.8 |
| Apple Mac OS X Server 10.9 |
| Apple Mac OS X Server 10.10 |
| Apple Mac OS X Server 10.11 |
| Product: |
| Adobe Flash Player |
| Adobe AIR |
