CVE-2007-0071 - Absolute Drag


Integer overflow in Adobe Flash Player and earlier and and earlier allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value which passes a signed comparison is used as an offset of a NULL pointer and triggers a buffer overflow.