Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6148

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6148
Last Modified 07 Mar 2011 10:02:03
Published 13 Feb 2008 04:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6148

Summary

Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.

Vulnerable Systems

Application

  • Adobe Connect Enterprise Server 6

  • Adobe Flash Media Server 2 2.0.4


References

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-04.html

SECUNIA - 28947

VUPEN - ADV-2008-0539

VUPEN - ADV-2008-0538

BID - 27762

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-03.html

IDEFENSE - 20080212 Adobe Flash Media Server 2 Memory Corruption Vulnerability

SECTRACK - 1019398


Last Updated: 27 May 2016 10:46:24