CVE-2008-5363 — Vulnetix

Try Vulnetix Request Demo

CVE-2008-5363 PUBLISHED

Reported by mitre · Published December 8, 2008

The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF file.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Dec 8, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jun 8, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

20081122 Adobe Flash Multiple Vulnerabilities mailing-listx_refsource_BUGTRAQ
33390 third-party-advisoryx_refsource_SECUNIA
x_refsource_MISC
x_refsource_CONFIRM
x_refsource_MISC
34226 third-party-advisoryx_refsource_SECUNIA
4692 third-party-advisoryx_refsource_SREASON
GLSA-200903-23 vendor-advisoryx_refsource_GENTOO
248586 vendor-advisoryx_refsource_SUNALERT

Open in Interactive Console →