Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1655

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1655
Last Modified 07 Mar 2011 10:07:25
Published 09 Apr 2008 05:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1655

Summary

Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.

Vulnerable Systems

Application

  • Adobe Air 1.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flex 3.0


References

CERT - TA08-150A

CERT - TA08-100A

XF - adobe-flash-dnsrebinding-security-bypass(41807)

VUPEN - ADV-2008-1724

VUPEN - ADV-2008-1697

BID - 28697

REDHAT - RHSA-2008:0221

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-11.html

MISC - http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html#goal_dns

SECTRACK - 1019808

OSVDB - 44283

GENTOO - GLSA-200804-21

SUNALERT - 238305

SECUNIA - 30507

SECUNIA - 30430

SECUNIA - 29865

SECUNIA - 29763

SUSE - SUSE-SA:2008:022

APPLE - APPLE-SA-2008-05-28

Related Patches

Apple 2008-05-28 Security Update 2008-003 (PPC)

Apple 2008-05-28 Security Update 2008-003 Server (PPC)

Apple 2008-05-28 Mac OS X Server 10.5.3 Combo Update

Apple 2008-05-28 Security Update 2008-003 (Intel)

Apple 2008-05-28 Security Update 2008-003 Server (Universal)

Apple 2008-05-28 Mac OS X Server 10.5.3 Update

Apple 2008-05-28 Mac OS X 10.5.3 Combo Update (Rev 2)

Apple 2008-05-28 Mac OS X 10.5.3 Update

Adobe APSB08-11 Flash Player 9.0.r124 for IE (Upgrade) (All Languages)

Adobe Flash Player 9.0.124 for Mac OS X (PPC)

Adobe Flash Player 9.0.124 for Mac OS X (Universal)

Adobe APSB08-11 Flash Player 9.0.r124 for Netscape (Upgrade) (All Languages)


Last Updated: 27 May 2016 10:47:37