6.8
CVE-2007-6242
- EPSS 30.07%
- Veröffentlicht 20.12.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version >= 9.0.16.0 <= 9.0.48.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 30.07% | 0.98 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
http://secunia.com/advisories/28157
http://secunia.com/advisories/28161
http://secunia.com/advisories/28213
http://secunia.com/advisories/28570
http://secunia.com/advisories/30507
http://securitytracker.com/id?1019116
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
http://www.adobe.com/support/security/bulletins/apsb07-20.html
http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
http://www.redhat.com/support/errata/RHSA-2007-1126.html
http://www.us-cert.gov/cas/techalerts/TA07-355A.html
http://www.vupen.com/english/advisories/2007/4258
http://www.vupen.com/english/advisories/2008/1724/references
http://www.securityfocus.com/bid/26951
https://exchange.xforce.ibmcloud.com/vulnerabilities/39128
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9188