Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4822

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-4822
Last Modified 30 Oct 2012 11:06:02
Published 10 Nov 2008 09:12:55
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4822

Summary

Adobe Flash Player 9.0.124.0 and earlier does not properly interpret policy files, which allows remote attackers to bypass a non-root domain policy.

Vulnerable Systems

Application

  • Adobe Flash Player 7.0.69.0

  • Adobe Flash Player 8.0.39.0

  • Adobe Flash Player 9

  • Adobe Flash Player 9.0.112.0

  • Adobe Flash Player 9.0.114.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flash Player 9.0.124.0

  • Adobe Flash Player 9.0.16

  • Adobe Flash Player 9.0.18d60

  • Adobe Flash Player 9.0.20

  • Adobe Flash Player 9.0.20.0

  • Adobe Flash Player 9.0.28

  • Adobe Flash Player 9.0.28.0

  • Adobe Flash Player 9.0.31

  • Adobe Flash Player 9.0.31.0

  • Adobe Flash Player 9.0.45.0

  • Adobe Flash Player 9.0.47.0

  • Adobe Flash Player 9.0.48.0


References

CERT - TA08-350A

BID - 32129

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-20.html

VUPEN - ADV-2008-3444

SECTRACK - 1021150

REDHAT - RHSA-2008:0980

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm

CONFIRM - http://support.apple.com/kb/HT3338

SUNALERT - 248586

GENTOO - GLSA-200903-23

SECUNIA - 34226

SECUNIA - 33390

SECUNIA - 33179

SECUNIA - 32702

APPLE - APPLE-SA-2008-12-15

XF - adobe-flash-domainpolicy-security-bypass(46535)

Related Patches

Apple 2008-12-15 Security Update 2008-008 (Client PPC)

Apple 2008-12-15 Security Update 2008-008 Server (PPC)

Apple 2008-12-15 Security Update 2008-008 Server (Intel)

Apple 2008-12-15 Mac OS X Server 10.5.6 Combo Update

Apple 2008-12-15 Mac OS X 10.5.6 Combo Update

Apple 2008-12-15 Mac OS X 10.5.6 Update

Apple 2008-12-15 Security Update 2008-008 (Client Intel)

Apple 2008-12-15 Mac OS X Server 10.5.6 Update

Adobe Flash Player 10.0.12.36 for Mac OS X (PPC) (Rev 2)


Last Updated: 27 May 2016 11:01:21