CVE-2008-4503
- EPSS 4.19%
- Veröffentlicht 09.10.2008 18:00:01
- Zuletzt bearbeitet 16.06.2026 22:57:56
The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the cam...
CVE-2008-3872
- EPSS 4.84%
- Veröffentlicht 06.10.2008 18:00:10
- Zuletzt bearbeitet 16.06.2026 22:56:42
Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass the allowScriptAccess parameter setting via a crafted SWF file with unspecified "Filter evasion" manipulations.
CVE-2008-3873
- EPSS 3.66%
- Veröffentlicht 29.08.2008 17:41:00
- Zuletzt bearbeitet 16.06.2026 22:56:42
The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as ex...
CVE-2007-0071
- EPSS 92.5%
- Veröffentlicht 09.04.2008 21:05:00
- Zuletzt bearbeitet 16.06.2026 22:34:51
Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset...
CVE-2007-6019
- EPSS 59.77%
- Veröffentlicht 09.04.2008 21:05:00
- Zuletzt bearbeitet 16.06.2026 22:47:16
Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly.
CVE-2008-1655
- EPSS 4.9%
- Veröffentlicht 09.04.2008 21:05:00
- Zuletzt bearbeitet 16.06.2026 22:52:10
Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.
CVE-2008-1654
- EPSS 4.8%
- Veröffentlicht 02.04.2008 18:44:00
- Zuletzt bearbeitet 16.06.2026 22:52:10
Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP co...
CVE-2007-6637
- EPSS 4.89%
- Veröffentlicht 04.01.2008 00:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:29
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. ...
CVE-2007-6242
- EPSS 30.07%
- Veröffentlicht 20.12.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:40
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
CVE-2007-6243
- EPSS 8.47%
- Veröffentlicht 20.12.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:40
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-s...