Summary
| Detail | |||
|---|---|---|---|
| Vendor | Adobe | First view | 2009-05-01 |
| Product | Flash Media Server | Last view | 2011-08-11 |
| Version | 3.0.3 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:adobe:flash_media_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2011-08-11 | CVE-2011-2132 | Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, allows attackers to cause a denial of service (memory corruption) via unspecified vectors. |
| 5 | 2011-05-16 | CVE-2011-0612 | Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, allows remote attackers to cause a denial of service (XML data corruption) via unspecified vectors. |
| 10 | 2010-11-09 | CVE-2010-3635 | Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to execute arbitrary code via unspecified vectors, related to a "segmentation fault vulnerability." |
| 5 | 2010-11-09 | CVE-2010-3634 | Unspecified vulnerability in the edge process in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to cause a denial of service via unknown vectors. |
| 5 | 2010-11-09 | CVE-2010-3633 | Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to cause a denial of service (memory consumption) via unspecified vectors. |
| 5 | 2010-08-11 | CVE-2010-2220 | Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to an "input validation issue." |
| 5 | 2010-08-11 | CVE-2010-2219 | Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service (memory consumption) via unknown vectors. |
| 5 | 2010-08-11 | CVE-2010-2218 | Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue." |
| 10 | 2010-08-11 | CVE-2010-2217 | Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability." |
| 10 | 2009-12-21 | CVE-2009-3792 | Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors. |
| 5 | 2009-12-21 | CVE-2009-3791 | Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to cause a denial of service (resource exhaustion) via unknown vectors. |
| 7.5 | 2009-05-01 | CVE-2009-1365 | Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to execute arbitrary remote procedures within an ActionScript file on the server via RPC requests. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 42% (3) | CWE-399 | Resource Management Errors |
| 28% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 14% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 74431 | Adobe Flash Media Server Unspecified Memory Corruption DoS |
| 72329 | Adobe Flash Media Server XML Data Corruption DoS |
| 69120 | Adobe Flash Media Server Unspecified Memory Corruption Arbitrary Code Executi... |
| 69119 | Adobe Flash Media Server Edge Process Unspecified DoS (2010-3634) |
| 69118 | Adobe Flash Media Server Unspecified Memory Leak DoS (2010-3633) |
| 67066 | Adobe Flash Media Server Unspecified JS Method DoS (2010-2218) |
| 67065 | Adobe Flash Media Server Unspecified Memory Exhaustion DoS (2010-2219) |
| 67064 | Adobe Flash Media Server Unspecified Input Validation DoS (2010-2220) |
| 67063 | Adobe Flash Media Server Unspecified JS Method Arbitrary Code Execution (2010... |
| 61242 | Adobe Flash Media Server Unspecified Resource Exhaustion DoS |
| 61241 | Adobe Flash Media Server Traversal Arbitrary DLL Loading Code Execution |
| 54265 | Adobe Flash Media Server ActionScript File RPC Request Handling Arbitrary Rem... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-08-18 | Name : Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011) File : nvt/gb_adobe_fms_dos_vuln_aug11.nasl |
| 2011-05-26 | Name : Adobe Flash Media Server XML Data Remote Denial of Service Vulnerability File : nvt/gb_adobe_fms_xml_data_dos_vuln.nasl |
| 2010-11-19 | Name : Adobe Flash Media Server Multiple Denial of Service Vulnerabilities File : nvt/gb_adobe_fms_mult_dos_vuln.nasl |
| 2010-08-11 | Name : Adobe Flash Media Server Multiple Remote Security Vulnerabilities File : nvt/gb_adobe_fms_42344.nasl |
| 2010-03-25 | Name : Adobe Flash Media Server multiple vulnerabilities File : nvt/gb_adobe_fms_mult_vuln.nasl |
| 2009-05-11 | Name : Adobe Flash Media Server Privilege Escalation Vulnerability File : nvt/gb_adobe_fms_prv_esc_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2011-A-0109 | Adobe Flash Media Server Memory Corruption Remote Denial of Service Vulnerabi... Severity: Category I - VMSKEY: V0029735 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Adobe Flash Media Server memory exhaustion RuleID : 19111 - Type : FILE-FLASH - Revision : 7 |
| 2014-01-10 | Adobe Flash Player directory traversal attempt RuleID : 16337 - Type : FILE-FLASH - Revision : 8 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2011-08-10 | Name: The remote media server is affected by a denial of service vulnerability. File: adobe_fms_4_0_3.nasl - Type: ACT_GATHER_INFO |
| 2011-05-13 | Name: The remote media server is affected by multiple vulnerabilities. File: adobe_fms_4_0_2.nasl - Type: ACT_GATHER_INFO |
| 2010-11-11 | Name: The remote media server is affected by multiple vulnerabilities. File: adobe_fms_4_0_1.nasl - Type: ACT_GATHER_INFO |
| 2010-08-11 | Name: The remote media server is affected by multiple vulnerabilities. File: adobe_fms_3_5_4.nasl - Type: ACT_GATHER_INFO |
| 2009-12-22 | Name: The remote media server is affected by multiple vulnerabilities. File: adobe_fms_3_5_3.nasl - Type: ACT_GATHER_INFO |
| 2009-05-07 | Name: The remote media server has a privilege escalation vulnerability. File: adobe_fms_rpc.nasl - Type: ACT_GATHER_INFO |
