The 2008 Pwnie Nominee For Most Over-Hyped Bug

Adobe Flash Player non-0day remote code execution (BID 29386)

Symantec

Those sirens that you heard in the middle of the night on May 28, 2008 weren’t an air raid or tornado alert. No, they were because Symantec had elevated the ThreatCon to chartreuse! Symantec observed active exploitation of a zero-day vulnerability in Adobe Flash. It turned out, however, that it wasn’t a zero-day bug at all, but instead an exploit for the DefineSceneAndFrameLabelData vulnerability patched a month prior.

 (BID 29386)