CVSS: 5.0EPSS: 16%CPEs: 1EXPL: 0CVE-2007-4324 – Flash movie can determine whether a TCP port is open
https://notcve.org/view.php?id=CVE-2007-4324
ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability. ActionScript versión 3 (AS3) en Adobe Flash Player versiones 9.0.47.0 y 9.0.124.0 y anteriores, permite a atacantes remotos omitir el Security Sandbox Model, obtener información confidencial y analizar puertos hosts arbitrarios por medio de una película Flash (SWF) que especifica una conexión a realizar y, a continuación, usa discrepancias de tiempo del error SecurityErrorEvent para determinar si un puerto está abierto o no. NOTA: la versión 9.0.115.0 introduce soporte para una solución alternativa, pero no corrige esta vulnerabilidad. • http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://scan.flashsec.org http://secunia.com/advisories/28157 http://secunia.com/advisories/28161 http://secunia.com/advisories/28213 http://secunia.com/advisories/28570 http://secunia.com/advisories/30507 http://secunia.com/advisories/32270 http://secunia.com/ad • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3457
https://notcve.org/view.php?id=CVE-2007-3457
Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file. Una vulnerabilidad de inyección SQL en el archivo inferno.php en el Inferno Technologies RPG Inferno versión 2.4 y anteriores, un módulo vBulletin, permite a atacantes autenticados remotos ejecutar comandos SQL arbitrarios por medio del parámetro id en una acción ScanMember do. • http://secunia.com/advisories/26027 http://secunia.com/advisories/26118 http://secunia.com/advisories/26357 http://secunia.com/advisories/28068 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1 http://www.adobe.com/support/security/bulletins/apsb07-12.html http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml http://www.kb.cert.org/vuls/id/138457 http://www.novell.com/linux/ • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 96%CPEs: 9EXPL: 1CVE-2007-3456 – Adobe Flash Player 8.0.24 - '.SWF' File Handling Remote Code Execution
https://notcve.org/view.php?id=CVE-2007-3456
Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative. El desbordamiento de enteros en Adobe Flash Player versiones 9.0.45.0 y anteriores, podría permitir a los atacantes remotos ejecutar código arbitrario por medio de un valor de longitud grande para un (1) cadena larga o (2) tipo de variable XML en un archivo creado (a) FLV o (b) SWF, relacionado con un "input validation error" incluyendo una comparación firmada de valores que se supone que no son negativos • https://www.exploit-db.com/exploits/30288 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://osvdb.org/38054 http://secunia.com/advisories/26027 http://secunia.com/advisories/26057 http://secunia.com/advisories/26118 http://secunia.com/advisories/26357 http://secunia.com/advisories/27643 http://secunia.com/advisories/28068 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1 h • CWE-20: Improper Input Validation CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 0CVE-2007-2500
https://notcve.org/view.php?id=CVE-2007-2500
server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote attackers to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the attacker to call free with an arbitrary address, probably resultant from a buffer overflow. server/parser/sprite_definition.cpp de GNU Gnash (también conocido como GNU Flash Player) 0.7.2 permite a atacantes remotos ejecutar código de su elección mediante un número grande de elementos SHOWFRAME dentro de un elemento DEFINESPRITE, lo cual dispara corrupción de memoria y habilita al atacante a invocar liberación de memoria de direcciones de su elección, probablemente como resultado de un desbordamiento de búfer. • http://osvdb.org/37273 http://savannah.gnu.org/bugs/?19774 http://secunia.com/advisories/25787 http://www.novell.com/linux/security/advisories/2007_13_sr.html http://www.securityfocus.com/bid/23765 http://www.securitytracker.com/id?1018041 http://www.vupen.com/english/advisories/2007/1688 https://exchange.xforce.ibmcloud.com/vulnerabilities/34148 •
CVSS: 6.8EPSS: 1%CPEs: 76EXPL: 0CVE-2007-2022 – kdebase3 flash-player interaction problem
https://notcve.org/view.php?id=CVE-2007-2022
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. Adobe Macromedia Flash Player versiones 7 y 9, cuando es usado con Opera versiones anteriores a 9.20 o Konqueror anteriores a 20070613, permite a atacantes remotos obtener información confidencial (pulsaciones de teclas del navegador), que son filtradas en la applet de Flash Player. • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://secunia.com/advisories/24877 http://secunia.com/advisories/25027 http://secunia.com/advisories/25432 http://secunia.com/advisories/25662 http://secunia.com/advisories/25669 http://secunia.com/advisories/25894 http://secunia.com/advisories/25933 http://secunia.com/advisories/26027 http://secunia.com/advisories/26118 http://secunia.com/advisories/26357 http://secunia.com/advisories/26860 http:/& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •