[VIM] Adobe/Macromedia MPSB05-11 addresses CVE-2005-4216

Steven M. Christey coley at mitre.org
Sun Dec 18 14:58:10 EST 2005

Just confirmed with Adobe PSIRT that advisory MPSB05-11 addresses
CVE-2005-4216 (reported by dr_insane Dec 7).

It was originally a judgment call CVE-wise because the descriptions
and disclosure dates were aligned fairly well, but the advisory was
just vague enough - and released so soon after initial disclosure -
that I wanted that extra confidence.

- Steve

Name: CVE-2005-4216
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4216
Reference: MISC:http://www.ipomonis.com/advisories/Flash_media_server_2.txt
Reference: CONFIRM:http://www.macromedia.com/devnet/security/security_zone/mpsb05-11.html
Reference: BID:15822
Reference: URL:http://www.securityfocus.com/bid/15822
Reference: FRSIRT:ADV-2005-2865
Reference: URL:http://www.frsirt.com/english/advisories/2005/2865
Reference: SECTRACK:1015346
Reference: URL:http://securitytracker.com/id?1015346
Reference: SECUNIA:17978
Reference: URL:http://secunia.com/advisories/17978
Reference: XF:macromedia-fmsadmin-dos(23563)
Reference: URL:http://xforce.iss.net/xforce/xfdb/23563

The Administration Service (FMSAdmin.exe) in Macromedia Flash Media
Server 2.0 r1145 allows remote attackers to cause a denial of service
(application crash) via a malformed request with a single character to
port 1111.

More information about the VIM mailing list