CVE-2007-6019 – Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
https://notcve.org/view.php?id=CVE-2007-6019
Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly. Adobe Flash Player 9.0.115.0 y versiones anteriores, y 8.0.39.0 y versiones anteriores, permite a atacantes remotos ejecutar código de su elección a través de un fichero SWF con una etiqueta modificada DeclareFunction2 Actionscript, lo cual evita que un objeto sea instanciado adecuadamente. This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Flash Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Flash player attempts to access embedded Actionscript objects that have not been properly instantiated. In order for exploitation to occur, an attacker would have to modify a DeclareFunction2 Actionscript tag within an SWF file. • https://www.exploit-db.com/exploits/31630 http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html http://secunia.com/advisories/29763 http://secunia.com/advisories/29865 http://secunia.com/advisories/30430 http://secunia.com/advisories/30507 http://securityreason.com/securityalert/3805 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://www.adobe.com/support/security • CWE-20: Improper Input Validation •
CVE-2007-6243 – Flash Player cross-domain and cross-site scripting flaws
https://notcve.org/view.php?id=CVE-2007-6243
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks. Adobe Flash Player 9.x hasta 9.0.48.0, 8.x hasta 8.0.35.0, y 7.x hasta 7.0.70.0 no restringe suficientemente la interpretación y uso de los ficheros de políticas de cruce de dominios, lo cual facilita a atacantes remotos llevar a cabo ataques de salto de dominio y de secuencias de comandos en sitios cruzados (XSS). • http://jvn.jp/jp/JVN%2345675516/index.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://secunia.com/advisories/28161 http://secunia.com/advisories/28213 http://secunia.com/advisories/28570 http://secunia.com/advisories/29763 http • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-6246 – flash: privilege escalation
https://notcve.org/view.php?id=CVE-2007-6246
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges. Adobe Flash Player 9.x hasta 9.0.48.0, 8.x hasta 8.0.35.0, y 7.x hasta 7.0.70.0, cuando se ejecuta en Linux, usa permisos inseguros para la memoria, lo cual podría permitir a usuarios locales obtener privilegios. • http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html http://secunia.com/advisories/28157 http://secunia.com/advisories/28161 http://secunia.com/advisories/28213 http://secunia.com/advisories/28570 http://secunia.com/advisories/30507 http://securitytracker.com/id?1019116 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://www.adobe.com/support/security/bulletins/apsb07-20.html http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-5476
https://notcve.org/view.php?id=CVE-2007-5476
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. Vulnerabilidad no especificada en en Adobe Flash Player 9.0.47.0 y anteriores, cuando se ejecuta sobre Opera anterior a 9.24 en Mac OS X, tiene impacto "Altamente Severo" desconocido y vectores de ataque desconocidos. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://secunia.com/advisories/28161 http://secunia.com/advisories/30507 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://www.adobe.com/support/security/advisories/apsa07-05.html http://www.adobe.com/support/security/bulletins/apsb07-20.html http://www.opera.com/support/search/view/868 http: •
CVE-2007-4324 – Flash movie can determine whether a TCP port is open
https://notcve.org/view.php?id=CVE-2007-4324
ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability. ActionScript versión 3 (AS3) en Adobe Flash Player versiones 9.0.47.0 y 9.0.124.0 y anteriores, permite a atacantes remotos omitir el Security Sandbox Model, obtener información confidencial y analizar puertos hosts arbitrarios por medio de una película Flash (SWF) que especifica una conexión a realizar y, a continuación, usa discrepancias de tiempo del error SecurityErrorEvent para determinar si un puerto está abierto o no. NOTA: la versión 9.0.115.0 introduce soporte para una solución alternativa, pero no corrige esta vulnerabilidad. • http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://scan.flashsec.org http://secunia.com/advisories/28157 http://secunia.com/advisories/28161 http://secunia.com/advisories/28213 http://secunia.com/advisories/28570 http://secunia.com/advisories/30507 http://secunia.com/advisories/32270 http://secunia.com/ad • CWE-264: Permissions, Privileges, and Access Controls •