Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4823

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4823
Last Modified 07 Mar 2011 10:13:21
Published 10 Nov 2008 09:12:55
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4823

Summary

Cross-site scripting (XSS) vulnerability in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to loose interpretation of an ActionScript attribute.

Vulnerable Systems

Application

  • Adobe Flash Player 7.0.69.0

  • Adobe Flash Player 8.0.39.0

  • Adobe Flash Player 9

  • Adobe Flash Player 9.0.112.0

  • Adobe Flash Player 9.0.114.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flash Player 9.0.124.0

  • Adobe Flash Player 9.0.16

  • Adobe Flash Player 9.0.18d60

  • Adobe Flash Player 9.0.20

  • Adobe Flash Player 9.0.20.0

  • Adobe Flash Player 9.0.28

  • Adobe Flash Player 9.0.28.0

  • Adobe Flash Player 9.0.31

  • Adobe Flash Player 9.0.31.0

  • Adobe Flash Player 9.0.45.0

  • Adobe Flash Player 9.0.47.0

  • Adobe Flash Player 9.0.48.0


References

CERT - TA08-350A

BID - 32129

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb08-20.html

VUPEN - ADV-2008-3444

SECTRACK - 1021151

REDHAT - RHSA-2008:0980

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm

CONFIRM - http://support.apple.com/kb/HT3338

SUNALERT - 248586

GENTOO - GLSA-200903-23

SECUNIA - 34226

SECUNIA - 33390

SECUNIA - 33179

SECUNIA - 32702

APPLE - APPLE-SA-2008-12-15

Related Patches

Apple 2008-12-15 Security Update 2008-008 (Client PPC)

Apple 2008-12-15 Security Update 2008-008 Server (PPC)

Apple 2008-12-15 Security Update 2008-008 Server (Intel)

Apple 2008-12-15 Mac OS X Server 10.5.6 Combo Update

Apple 2008-12-15 Mac OS X 10.5.6 Combo Update

Apple 2008-12-15 Mac OS X 10.5.6 Update

Apple 2008-12-15 Security Update 2008-008 (Client Intel)

Apple 2008-12-15 Mac OS X Server 10.5.6 Update

Adobe Flash Player 10.0.12.36 for Mac OS X (PPC) (Rev 2)


Last Updated: 27 May 2016 10:48:38