CVE-2008-4546

Adobe Flash Player - Denial of Service via HTTP Response Mismatch

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4546. PoCs published by Matthew Dempsky.

AI-analyzed exploit summary The provided text is a vulnerability writeup for CVE-2008-4546, describing a remote denial-of-service (DoS) vulnerability in Adobe Flash Player Plugin versions 9.0.45.0, 9.0.112.0, 9.0.124.0, 10.0.12.10, and others. It lacks exploit code and only contains advisory information.

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Matthew Dempsky · textdoslinux
https://www.exploit-db.com/exploits/32452

The provided text is a vulnerability writeup for CVE-2008-4546, describing a remote denial-of-service (DoS) vulnerability in Adobe Flash Player Plugin versions 9.0.45.0, 9.0.112.0, 9.0.124.0, 10.0.12.10, and others. It lacks exploit code and only contains advisory information.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Adobe Flash Player Plugin (versions 9.0.45.0, 9.0.112.0, 9.0.124.0, 10.0.12.10, 10.0.22.87, and others)
No auth needed
Prerequisites: Vulnerable version of Adobe Flash Player Plugin · Ability to deliver malicious content to the target
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (32)

Core 32
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4401
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0192
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1421
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4435
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40545
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0464.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1793
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43026
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1432
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201101-09.xml
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7187
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1024085
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1024086
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496929/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1434
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45630
Various Sources vendor-advisory x_refsource_turbo
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Various Sources vendor-advisory x_refsource_hp
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32759
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0470.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1482
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16302
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1522
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31537
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1453

Scores

EPSS 0.1677
EPSS Percentile 96.7%

Details

CWE
CWE-399
Status published
Products (4)
adobe/flash_player 9.0.45.0
adobe/flash_player 9.0.112.0
adobe/flash_player 9.0.115.0
adobe/flash_player 10.0.12.10
Published Oct 14, 2008
Tracked Since Feb 18, 2026