Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:10137
HistoryNov 07, 2005 - 12:00 a.m.

Netscape Flash Player Arbitrary Code Execution Vulnerability

2005-11-0700:00:00
vulners.com
56
JSON

Description:
Versions Netscape Browser 8.0.3.3 and Netscape 7.2 are vulnerable due to
affected, default Flash Player version included during installation
process. File NPSWF32.dll (Flash v7.0.19.0) is copied to C:\Program
Files\Netscape\Netscape Browser\plugins and C:\Program
Files\Netscape\Netscape\plugins folders.
Affected plugin library file is from July 2005.

Solution:
Update Flash Player to version 8.0.22.0 with browser's Plugin Finder
Service manually.

CVE:
CAN-2005-2628 assigned earlier to Flash Player

It is possible to check the installed Flash version via About / Plugins
feature (Netscape 7.x) or with typing about:plugins to the browser
location bar (Netscape Browser 8.x). File version NPSWF32.dll mentioned
is the version of Macromodeia Flash Player plugin installed.
Method about:plugins works in both of these browsers.

Best regards,
Juha-Matti Laurio, Networksecurity.fi
Security researcher
Finland
http://www.networksecurity.fi/

Related

openvas 4
cert 1
nessus 4
checkpoint_advisories 2
securityvulns 4
packetstorm 1
cve 2
gentoo 1
ubuntucve 1
redhat 1
openvas
openvas
Gentoo Security Advisory GLSA 200511-21 (Flash)
2008-09-24 00:00:00
FreeBSD Ports: linux-flashplugin6
2008-09-04 00:00:00
FreeBSD Ports: linux-flashplugin6
2008-09-04 00:00:00
cert
cert
Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file
2005-11-11 00:00:00
nessus
nessus
GLSA-200511-21 : Macromedia Flash Player: Remote arbitrary code execution
2005-12-07 00:00:00
RHEL 3 / 4 : flash-plugin (RHSA-2005:835)
2013-01-24 00:00:00
Flash Player < 7.0.60.0 / 8.0.22.0 Multiple Vulnerabilities
2005-11-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Macromedia Flash ActionDefineFunction Memory Access (CVE-2005-2628)
2010-07-15 00:00:00
Macromedia Flash Player Improper Memory Access (CVE-2005-2628)
2010-08-11 00:00:00
securityvulns
securityvulns
[Full-disclosure] SEC Consult SA-20051107-1 :: Macromedia Flash Player ActionDefineFunction Memory Corruption
2005-11-07 00:00:00
[Full-disclosure] [EEYEB-20050627B] Macromedia Flash Player Improper Memory Access Vulnerability
2005-11-05 00:00:00
Microsoft Security Bulletin MS06-020 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution &#40;913433&#41;
2006-05-09 00:00:00
packetstorm
packetstorm
SEC-20051107-1.txt
2005-11-08 00:00:00
cve
cve
CVE-2005-2628
2005-11-05 11:02:00
CVE-2005-3591
2005-11-16 07:42:00
gentoo
gentoo
Macromedia Flash Player: Remote arbitrary code execution
2005-11-25 00:00:00
ubuntucve
ubuntucve
CVE-2005-2628
2005-11-05 00:00:00
redhat
redhat
(RHSA-2005:835) flash-plugin security update
2005-11-09 00:00:00
JSON
Related for SECURITYVULNS:DOC:10137
openvas4cert1nessus4checkpoint_advisories2securityvulns4packetstorm1cve2gentoo1ubuntucve1redhat1