oval:org.mitre.oval:def:24854
Definition Id: oval:org.mitre.oval:def:24854 | |||
Oval ID: | oval:org.mitre.oval:def:24854 | ||
Title: | ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not | ||
Description: | ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-4324 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7402 | |||
Oval ID: | oval:org.mitre.oval:def:7402 | ||
Title: | Adobe Flash Player 9 is installed | ||
Description: | Adobe Flash Player 9 is installed on the system | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:adobe:flash_player:9 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Adobe Flash Player |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:24854 |
Definition Id: oval:org.mitre.oval:def:26707 | |||
Oval ID: | oval:org.mitre.oval:def:26707 | ||
Title: | ActiveX Control is installed | ||
Description: | ActiveX Control (Flash.ocx) is installed on the system. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:adobe:shockwave_flash_activex | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | ActiveX Control |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:24854 |