Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6243

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-6243
Last Modified 07 Mar 2011 10:02:15
Published 19 Dec 2007 08:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6243

Summary

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.

Vulnerable Systems

Application

  • Adobe Flash Player 9.0.48.0


References

CERT - TA08-150A

CERT - TA08-100A

CERT - TA07-355A

CERT-VN - VU#935737

XF - adobe-unspecified-security-bypass(39129)

VUPEN - ADV-2008-1724

VUPEN - ADV-2008-1697

VUPEN - ADV-2007-4258

BID - 26966

BID - 26929

REDHAT - RHSA-2008:0980

REDHAT - RHSA-2008:0945

REDHAT - RHSA-2008:0221

GENTOO - GLSA-200804-21

GENTOO - GLSA-200801-07

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-11.html

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb07-20.html

MISC - http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm

SUNALERT - 248586

SUNALERT - 238305

SECTRACK - 1019116

SECUNIA - 33390

SECUNIA - 32759

SECUNIA - 32702

SECUNIA - 32448

SECUNIA - 30507

SECUNIA - 30430

SECUNIA - 29865

SECUNIA - 29763

SECUNIA - 28570

SECUNIA - 28213

SECUNIA - 28161

SUSE - SUSE-SR:2008:025

SUSE - SUSE-SA:2008:022

SUSE - SUSE-SA:2007:069

APPLE - APPLE-SA-2008-05-28

JVN - JVN#45675516

Related Patches

Apple 2008-05-28 Security Update 2008-003 (PPC)

Apple 2008-05-28 Security Update 2008-003 Server (PPC)

Apple 2008-05-28 Mac OS X Server 10.5.3 Combo Update

Apple 2008-05-28 Security Update 2008-003 (Intel)

Apple 2008-05-28 Security Update 2008-003 Server (Universal)

Apple 2008-05-28 Mac OS X Server 10.5.3 Update

Apple 2008-05-28 Mac OS X 10.5.3 Combo Update (Rev 2)

Apple 2008-05-28 Mac OS X 10.5.3 Update

Adobe APSB07-20 Flash Player 9.0.r115 for IE (Upgrade) (All Languages)

Adobe APSB08-11 Flash Player 9.0.r124 for IE (Upgrade) (All Languages)

Adobe Flash Player 10.0.12.36 for Mac OS X (PPC) (Rev 2)

Adobe Flash Player 9.0.115 for Mac OS X (PPC)

Adobe Flash Player 9.0.115 for Mac OS X (Universal)

Adobe Flash Player 9.0.124 for Mac OS X (PPC)

Adobe Flash Player 9.0.124 for Mac OS X (Universal)

Adobe APSB08-11 Flash Player 9.0.r124 for Netscape (Upgrade) (All Languages)


Last Updated: 27 May 2016 10:46:25