5919464 2001-01-05 18:01 +0000 /52 rader/ Krawetz, Neal <nealk@VERINET.COM> Sänt av: joel@lysator.liu.se Importerad: 2001-01-05 19:59 av Brevbäraren (som är implementerad i) Python Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM Externa svar till: nealk@VERINET.COM Mottagare: Bugtraq (import) <14617> Ärende: Re: Shockwave Flash buffer overflow ------------------------------------------------------------ From: "Krawetz, Neal" <nealk@VERINET.COM> To: BUGTRAQ@SECURITYFOCUS.COM Message-ID: <20010105180109.22507.qmail@securityfocus.com> > > ===== > > Area of affect: > > All SWF plugins on all platforms. > > I have validated it with the Shockwave Flash plugins > versions 2 through 8. > > v 2-8..? Are you talking about the shockwave plugin > for director, or the shcokwave flash plugin? the flash > plugin goes from 2-5 as far as I know... From what I can tell, Shockwave version 8 includes Flash version 5. Technically, the problem appears to be in Flash. > > ===== > > Root cause: > > (Keep in mind -- I have not actually seen the source > code for the > plugins -- > > I have only determined this from the symptoms.) > > The source code for the player is available for free if > you wish to have a look... > http://www.macromedia.com/software/flash/open/lice nsing/sourcecode/ > > Robin Thanks, I'll definitely take a look. As an aside... I have had a few followups with Macromedia, including a very productive phone conference. On Monday or Tuesday I will post a summary message. (Both Macromedia and myself are investigating a few remaining technical points.) But in general: BugTraq works. I am very impressed. (5919464) ------------------------------------------