Closed
Bug 527271
Opened 15 years ago
Closed 13 years ago
Crash [ @ NPSWF32+0x9120b ] | Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at NPSWF32+0x000000000009120b
Categories
(External Software Affecting Firefox Graveyard :: Flash (Adobe), defect)
External Software Affecting Firefox Graveyard
Flash (Adobe)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: bc, Unassigned)
References
()
Details
(Keywords: crash)
Flash 10.0.42.34 http://www.elinformador.com.ve/diario/2009.11.01 (d98.1f4): Access violation - code c0000005 (!!! second chance !!!) eax=00000260 ebx=0000008a ecx=00000000 edx=00000000 esi=000000ba edi=0727dad0 eip=06c5120b esp=0012dd34 ebp=0012dd84 iopl=0 nv up ei pl zr na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00240246 Exploitability Classification: UNKNOWN Recommended Bug Title: Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at NPSWF32+0x000000000009120b (Hash=0x0a3c3e75.0x73726a4a) The data from the faulting address is later used as one or more of the arguments to a function call. ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. 0012dd84 06c3ec1c NPSWF32+0x9120b 0012ddb0 06c43d04 NPSWF32+0x7ec1c 0012dde8 06c1bdbd NPSWF32+0x83d04 0012ddf8 06c1be70 NPSWF32+0x5bdbd 0012de04 06c37189 NPSWF32+0x5be70 0012de14 06c35a7d NPSWF32+0x77189 0012de28 06c45a18 NPSWF32+0x75a7d 0012e6e4 06c46351 NPSWF32+0x85a18 0012e6f8 06c49aed NPSWF32+0x86351 0012e740 77f16f0a NPSWF32+0x89aed 00000000 00000000 GDI32!DeleteDC+0xab
Reporter | ||
Comment 1•15 years ago
|
||
Actually, this one didn't crash. Are these non-crashing !exploitable reports useful at all?
Keywords: crash
Summary: Crash [ @ NPSWF32+0x9120b ] → Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at NPSWF32+0x000000000009120b
Reporter | ||
Comment 2•15 years ago
|
||
Damn, the first run was with 1.9.2. The second run was with 1.9.3 and it did crash.
Keywords: crash
Summary: Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at NPSWF32+0x000000000009120b → Crash [ @ NPSWF32+0x9120b ] | Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at NPSWF32+0x000000000009120b
Reporter | ||
Comment 3•15 years ago
|
||
possibly related eax=00000034 ebx=6d422608 ecx=0000004c edx=0000000f esi=00000037 edi=00000082 eip=06c3c942 esp=0012d538 ebp=0012d5b8 iopl=0 nv up ei pl nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00240212 06c3c942 8b0c93 mov ecx,dword ptr [ebx+edx*4] ds:0023:6d422644=???????? Exploitability Classification: UNKNOWN Recommended Bug Title: Read Access Violation starting at NPSWF32+0x000000000007c942 (Hash=0x0a3c3e75.0x5d402c24) ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. 0012d5b8 06c3e644 NPSWF32+0x7c942 0012de28 06c45b16 NPSWF32+0x7e644 0012e6e4 06c46351 NPSWF32+0x85b16 0012e6f8 06c49aed NPSWF32+0x86351 0012e740 77f16f0a NPSWF32+0x89aed 00000000 00000000 GDI32!DeleteDC+0xab quit: http://issuu.com/mnovine/docs/mnovine739i?mode=embed&documentId=080529141635-9953d9ac231e42788d00d2305b793e02&layout=grey: EXIT STATUS: ABNORMAL 84 (33.400000 seconds)
Reporter | ||
Comment 4•15 years ago
|
||
another crash with this stack http://www.ucsdguardian.org/todays-issue/page/4/
Comment 6•15 years ago
|
||
also noticed this crash on mac - changing os to all
OS: Windows XP → All
Hardware: x86 → All
Reporter | ||
Comment 7•13 years ago
|
||
update crash bugs to critical per guidelines.
Severity: normal → critical
Reporter | ||
Comment 8•13 years ago
|
||
domain is gone.
Group: mozilla-corporation-confidential
Status: NEW → RESOLVED
Closed: 13 years ago
Component: Plug-ins → Flash (Adobe)
Product: Core → Plugins
QA Contact: plugins → adobe-flash
Resolution: --- → WORKSFORME
Version: Trunk → 10.3
Comment 9•8 years ago
|
||
Version and milestone values are being reset to defaults as part of product refactoring.
Version: 10.3 → unspecified
Updated•2 years ago
|
Product: External Software Affecting Firefox → External Software Affecting Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•