10
CVE-2008-4401
- EPSS 8.68%
- Veröffentlicht 17.10.2008 19:31:15
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote attackers to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 9.0.124.0
Adobe ≫ Flash Player Version7.0
Adobe ≫ Flash Player Version7.0.1
Adobe ≫ Flash Player Version7.0.25
Adobe ≫ Flash Player Version7.0.63
Adobe ≫ Flash Player Version7.0.69.0
Adobe ≫ Flash Player Version7.0.70.0
Adobe ≫ Flash Player Version7.0_r67
Adobe ≫ Flash Player Version7.1
Adobe ≫ Flash Player Version7.1.1
Adobe ≫ Flash Player Version7.2
Adobe ≫ Flash Player Version8.0
Adobe ≫ Flash Player Version8.0.24.0
Adobe ≫ Flash Player Version8.0.34.0
Adobe ≫ Flash Player Version8.0.35.0
Adobe ≫ Flash Player Version8.0.39.0
Adobe ≫ Flash Player Version9.0
Adobe ≫ Flash Player Version9.0.112.0
Adobe ≫ Flash Player Version9.0.114.0
Adobe ≫ Flash Player Version9.0.115.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.68% | 0.921 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|