Vulnerabilities > CVE-2002-1625 - Unspecified vulnerability in Macromedia Flash Player 6.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

macromedia

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed.

Vulnerable Configurations

Part	Description	Count
Application	Macromedia Macromedia Flash Player 6.0	1

References

http://www.kb.cert.org/vuls/id/128491
http://www.macromedia.com/v1/handlers/index.cfm?ID=22796&Method=Full&Title=Macromedia%20Flash%20Player%206%20Streaming%20Issue&Cache=False
http://www.securityfocus.com/bid/4567
https://exchange.xforce.ibmcloud.com/vulnerabilities/8925