Adobe sorry for late Flash bug patch

The bug was submitted to Adobe by researcher Matthew Dempsky in September 2008. It causes the Flash Player and browser to crash when a Flash 9 SWF returns two URLs in sequence containing a SWF file – the first designed for version 7 of Flash Player, and the second for version 8. The Flash Player plug-in attempted to dereference a null pointer, which is what caused the crash.

There is no evidence that the bug could be used to exploit a computer, by running arbitrary code, for example, but Adobe's Flash Player product manager Emmy Huang apologized on her blog, arguing that the company takes "crasher" bugs seriously, and explaining that this one slipped through the cracks.

Huang explained that the bug was submitted after code had been frozen for version 10 of Adobe Flash Player, making it impossible to fix in that release.

"The mistake we made was marking this bug for 'next' release, which is the soon-to-be released Flash Player 10.1, instead of marking it for the next Flash Player 10 security dot release. We should have kept in contact with the submitter and to let him know the progress, sorry we did not do that."

The embarrassment couldn't come at a worse time for Adobe. Steve Jobs has been quoted as saying that Adobe is too lazy, and that its Flash player is too buggy. This has been posited as the reason that he did not integrate Adobe's Flash player into the recently launched iPad, leading Adobe's platform evangelist Lee Brimelow to post an angry response showing a selection of sites that would not display correctly on the new Apple device.

The bug has now been fixed in Adobe Flash Player 10.1.
