For the complete experience, please enable JavaScript in your browser. Thank you!
Release date: March 19, 2008
Vulnerability identifier: APSA08-03
CVE number: CVE-2008-1201
Platform: Windows
Adobe is aware of a recently published security issue in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8 that could potentially cause code execution. This issue does not affect any version of Flash Player. An attacker would need to convince a user to open a malicious FLA file to successfully exploit the issue.
An attacker would need to convince a user to open a malicious FLA file to successfully exploit the issue. Adobe recommends that developers exercise caution when receiving unsolicited or suspicious FLA files. This issue does not affect the Mac versions of Flash Professional and Flash Basic.
FLA is the private file format of Flash Professional and Flash Basic. Flash Player and browsers can not interpret FLA files, so remote exploitation is not possible, and this issue does not affect any version of Flash Player. It is uncommon to find FLA files on web sites other than well-known web sites that include downloadable FLA files as tutorials for Flash users. FLA files can not be interpreted or viewed natively by Operating Systems such as Windows or Mac OS. Adobe will be fixing this issue in the next major release of Flash Professional.
Adobe categorizes this as a critical issue and recommends that developers exercise caution when receiving unsolicited or suspicious FLA files.
Adobe would like to thank cocoruder of Fortinet Security Research Team for reporting this vulnerability and for working with us to help protect our customers' security.
Americas
Europe, Middle East and Africa
Asia Pacific
Copyright © 2024 Adobe Systems Incorporated. All rights reserved.
