9.3
CVE-2008-4824
- EPSS 13.25%
- Veröffentlicht 17.11.2008 22:21:26
- Zuletzt bearbeitet 16.06.2026 22:58:37
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version >= 9.0.16.0 < 9.0.151.0
Adobe ≫ Flash Player Version >= 10 < 10.0.12.36
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.25% | 0.959 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/32702
http://secunia.com/advisories/33390
http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
http://www.redhat.com/support/errata/RHSA-2008-0980.html
http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html
http://secunia.com/advisories/33179
http://support.apple.com/kb/HT3338
http://www.us-cert.gov/cas/techalerts/TA08-350A.html
http://www.vupen.com/english/advisories/2008/3444
http://secunia.com/advisories/34226
http://security.gentoo.org/glsa/glsa-200903-23.xml
http://osvdb.org/49958
http://secunia.com/advisories/32772
http://www.adobe.com/support/security/bulletins/apsb08-22.html
http://www.isecpartners.com/advisories/2008-01-flash.txt
http://www.securityfocus.com/archive/1/498561/100/0/threaded
http://www.vupen.com/english/advisories/2008/3189