CVE-2007-2022

EPSS 15.37%
Published 13.04.2007 18:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

Affected products Warnungen 0 Metrics 2 CWE 1 References 36

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Flash Player Version7.0.25

Adobe ≫ Flash Player Version8.0

Adobe ≫ Flash Player Version9.0.18d60

Adobe ≫ Flash Player Version9.0.20

Adobe ≫ Flash Player Version9.0.28

Opera ≫ Opera Browser Version5.0

Opera ≫ Opera Browser Version5.0 Updatebeta2

Opera ≫ Opera Browser Version5.0 Updatebeta3

Opera ≫ Opera Browser Version5.0 Updatebeta4

Opera ≫ Opera Browser Version5.0 Updatebeta5

Opera ≫ Opera Browser Version5.0 Updatebeta6

Opera ≫ Opera Browser Version5.0 Updatebeta7

Opera ≫ Opera Browser Version5.0 Updatebeta8

Opera ≫ Opera Browser Version5.02

Opera ≫ Opera Browser Version5.10

Opera ≫ Opera Browser Version5.11

Opera ≫ Opera Browser Version5.12

Opera ≫ Opera Browser Version6.0

Opera ≫ Opera Browser Version6.0 Updatebeta1

Opera ≫ Opera Browser Version6.0 Updatebeta2

Opera ≫ Opera Browser Version6.0 Updatetp1

Opera ≫ Opera Browser Version6.0 Updatetp2

Opera ≫ Opera Browser Version6.0 Updatetp3

Opera ≫ Opera Browser Version6.1

Opera ≫ Opera Browser Version6.01

Opera ≫ Opera Browser Version6.1 Updatebeta1

Opera ≫ Opera Browser Version6.02

Opera ≫ Opera Browser Version6.03

Opera ≫ Opera Browser Version6.04

Opera ≫ Opera Browser Version6.05

Opera ≫ Opera Browser Version6.06

Opera ≫ Opera Browser Version6.11

Opera ≫ Opera Browser Version6.12

Opera ≫ Opera Browser Version7.0

Opera ≫ Opera Browser Version7.0 Updatebeta1

Opera ≫ Opera Browser Version7.0 Updatebeta1_v2

Opera ≫ Opera Browser Version7.0 Updatebeta2

Opera ≫ Opera Browser Version7.01

Opera ≫ Opera Browser Version7.02

Opera ≫ Opera Browser Version7.03

Opera ≫ Opera Browser Version7.10

Opera ≫ Opera Browser Version7.10 Updatebeta1

Opera ≫ Opera Browser Version7.11

Opera ≫ Opera Browser Version7.11 Updatebeta2

Opera ≫ Opera Browser Version7.20

Opera ≫ Opera Browser Version7.20 Updatebeta7

Opera ≫ Opera Browser Version7.21

Opera ≫ Opera Browser Version7.22

Opera ≫ Opera Browser Version7.23

Opera ≫ Opera Browser Version7.50

Opera ≫ Opera Browser Version7.50 Updatebeta1

Opera ≫ Opera Browser Version7.51

Opera ≫ Opera Browser Version7.52

Opera ≫ Opera Browser Version7.53

Opera ≫ Opera Browser Version7.54

Opera ≫ Opera Browser Version7.54 Updateupdate1

Opera ≫ Opera Browser Version7.54 Updateupdate2

Opera ≫ Opera Browser Version7.60

Opera ≫ Opera Browser Version8.0

Opera ≫ Opera Browser Version8.0 Updatebeta1

Opera ≫ Opera Browser Version8.0 Updatebeta2

Opera ≫ Opera Browser Version8.0 Updatebeta3

Opera ≫ Opera Browser Version8.01

Opera ≫ Opera Browser Version8.02

Opera ≫ Opera Browser Version8.50

Opera ≫ Opera Browser Version8.51

Opera ≫ Opera Browser Version8.52

Opera ≫ Opera Browser Version8.53

Opera ≫ Opera Browser Version8.54

Opera ≫ Opera Browser Version9.0

Opera ≫ Opera Browser Version9.0 Updatebeta1

Opera ≫ Opera Browser Version9.0 Updatebeta2

Opera ≫ Opera Browser Version9.01

Opera ≫ Opera Browser Version9.02

Opera ≫ Opera Browser Version9.10

Opera ≫ Opera Browser Version9.12

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	15.37%	0.943

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc

http://secunia.com/advisories/25894

Vendor Advisory

http://secunia.com/advisories/25432

Vendor Advisory

http://www.novell.com/linux/security/advisories/2007_12_sr.html

http://secunia.com/advisories/25027

Vendor Advisory

http://www.novell.com/linux/security/advisories/2007_28_opera.html

http://secunia.com/advisories/24877

Vendor Advisory

http://secunia.com/advisories/25662

Vendor Advisory

http://secunia.com/advisories/25669

Vendor Advisory

http://secunia.com/advisories/25933

Vendor Advisory

http://secunia.com/advisories/26027

Vendor Advisory

http://secunia.com/advisories/26118

Vendor Advisory

http://secunia.com/advisories/26357

Vendor Advisory

http://secunia.com/advisories/26860

Vendor Advisory

http://secunia.com/advisories/28068

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1

http://www.adobe.com/support/security/advisories/apsa07-03.html

http://www.adobe.com/support/security/bulletins/apsb07-12.html

Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2007:138

http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html

http://www.opera.com/support/search/view/858/

http://www.redhat.com/support/errata/RHSA-2007-0494.html

http://www.securityfocus.com/bid/23437

http://www.securitytracker.com/id?1017903

http://www.us-cert.gov/cas/techalerts/TA07-192A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/1361

Vendor Advisory

http://www.vupen.com/english/advisories/2007/2497

Vendor Advisory

http://www.vupen.com/english/advisories/2007/4190

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/33595

https://issues.rpath.com/browse/RPL-1462

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332

https://nvd.nist.gov/vuln/detail/CVE-2007-2022

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2022

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2022

EUVD