...
The following noncompliant code example is similar to a vulnerability in Adobe Flash player that was first exploited in 2008. (See See http://www.securityfocusiss.comnet/blogs/746 for threats/289.html for more information). This code allocates a block of memory, and initializes it with some data. The data does not belong at the beginning of the block, which is left uninitialized. Instead, it is placed offset bytes within the block. The function ensures that the data fits within the allocated block.
...