9.3

CVE-2007-6019

Exploit
Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAir Version1.0
AdobeFlash Versionbasic Update8
AdobeFlash Versionprofessional Update8
AdobeFlash Versionprofessional Updatecs3
AdobeFlash Player Version <= 9.0.115.0
AdobeFlash Player Version7.0
AdobeFlash Player Version7.0.1
AdobeFlash Player Version7.0.25
AdobeFlash Player Version7.0.63
AdobeFlash Player Version7.0.69.0
AdobeFlash Player Version7.0.70.0
AdobeFlash Player Version7.0_r67
AdobeFlash Player Version7.1
AdobeFlash Player Version7.1.1
AdobeFlash Player Version7.2
AdobeFlash Player Version8 Editionpro
AdobeFlash Player Version8 Editionprofessional
AdobeFlash Player Version8.0
AdobeFlash Player Version8.0 Editionbasic
AdobeFlash Player Version8.0 Editionpro
AdobeFlash Player Version8.0.24.0
AdobeFlash Player Version8.0.34.0
AdobeFlash Player Version8.0.35.0
AdobeFlash Player Version8.0.39.0
AdobeFlash Player Version9.0
AdobeFlash Player Version9.0.16
AdobeFlash Player Version9.0.16 Editionwindows
AdobeFlash Player Version9.0.18d60
AdobeFlash Player Version9.0.20
AdobeFlash Player Version9.0.20.0
AdobeFlash Player Version9.0.28
AdobeFlash Player Version9.0.28.0
AdobeFlash Player Version9.0.31
AdobeFlash Player Version9.0.31.0
AdobeFlash Player Version9.0.45.0
AdobeFlash Player Version9.0.47.0
AdobeFlash Player Version9.0.48.0
AdobeFlash Player Version9.0.112.0
AdobeFlash Player Version9.0.114.0
AdobeFlash Player Version9.0.124.0
AdobeFlash Player Version9.0.155.0
AdobeFlex Version3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 59.77% 0.99
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://secunia.com/advisories/30430
Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
US Government Resource
http://www.vupen.com/english/advisories/2008/1697
http://secunia.com/advisories/30507
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
http://www.vupen.com/english/advisories/2008/1724/references
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
http://secunia.com/advisories/29763
Vendor Advisory
http://secunia.com/advisories/29865
Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb08-11.html
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
http://www.redhat.com/support/errata/RHSA-2008-0221.html
http://www.us-cert.gov/cas/techalerts/TA08-100A.html
US Government Resource
http://securityreason.com/securityalert/3805
http://www.securityfocus.com/archive/1/490623/100/0/threaded
http://www.securityfocus.com/archive/1/490824/100/0/threaded
http://www.securityfocus.com/bid/28694
Patch
Exploit
http://www.securitytracker.com/id?1019810
http://www.zerodayinitiative.com/advisories/ZDI-08-021
https://exchange.xforce.ibmcloud.com/vulnerabilities/41717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10160