Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6149

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6149
Last Modified 07 Mar 2011 10:02:03
Published 13 Feb 2008 04:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6149

Summary

Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol (RTMP) message with a crafted integer field that is used for allocation.

Vulnerable Systems

Application

  • Adobe Connect Enterprise Server 6

  • Adobe Flash Media Server 2 2.0.4


References

BID - 27762

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-04.html

SECUNIA - 28947

SECUNIA - 28946

VUPEN - ADV-2008-0539

VUPEN - ADV-2008-0538

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-03.html

IDEFENSE - 20080212 Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities

XF - adobe-connect-edge-bo(40471)

SECTRACK - 1019399


Last Updated: 27 May 2016 10:46:24