CVE-2002-1382

Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846.

Published: Dec 23, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1382
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
macromedia / flash_player	5.0_r50	5.0_r50.x
macromedia / flash_player	5.0	5.0.x
macromedia / flash_player	6.0.29.0	6.0.29.0.x
macromedia / flash_player	6.0	6.0.x
macromedia / flash_player	4.0_r12	4.0_r12.x
macromedia / flash_player	6.0.47.0	6.0.47.0.x
macromedia / flash_player	6.0.40.0	6.0.40.0.x

http://marc.info/?l=bugtraq&m=104014220727109&w=2
http://marc.info/?l=vulnwatch&m=104013370116670
http://www.macromedia.com/v1/handlers/index.cfm?ID=23569
http://www.securityfocus.com/bid/6383
https://exchange.xforce.ibmcloud.com/vulnerabilities/10861

Vulnerability Database

289,697

CVE-2002-1382