Executive Summary
Summary | |
---|---|
Title | Sun Alert 103167 Security Vulnerabilities in Adobe Flash Player May Allow Unauthorized System Access or Generation of HTTP Requests |
Informations | |||
---|---|---|---|
Name | SUN-103167 | First vendor Publication | 2007-12-11 |
Vendor | Sun | Last vendor Modification | 2007-12-11 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 10 Operating System Three security vulnerabilities in the Adobe Flash Player product shipped with Solaris 10 may allow remote users who create applications that are viewed with the Flash Player to perform unauthorized actions on the host. These actions may include executing arbitrary code with the privileges of the user running the Flash Player, generation of unauthorized HTTP requests from the affected host, or, depending on the browser that is used with the Flash player, unauthorized access to information entered into the affected host via the logging of keystrokes. These issues are described in the following documents: APSB07-12 at http://www.adobe.com/support/security/bulletins/apsb07-12.html CVE-2007-3456 at http://www.security-database.com/detail.php?cve=CVE-2007-3456 CVE-2007-3457 at http://www.security-database.com/detail.php?cve=CVE-2007-3457 CVE-2007-2022 at http://www.security-database.com/detail.php?cve=CVE-2007-2022 CERT Technical Cyber Security Alert TA07-192A at http://www.us-cert.gov/cas/techalerts/TA07-192A.html Avoidance: Patch State: Resolved First released: 11-Dec-2007 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_103167_security_vulnerabilities |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
33 % | CWE-200 | Information Exposure |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11493 | |||
Oval ID: | oval:org.mitre.oval:def:11493 | ||
Title: | Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative. | ||
Description: | Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3456 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux Extras 3 Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21835 | |||
Oval ID: | oval:org.mitre.oval:def:21835 | ||
Title: | ELSA-2007:0494: kdebase security update (Important) | ||
Description: | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0494-02 CVE-2007-2022 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kdebase |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22507 | |||
Oval ID: | oval:org.mitre.oval:def:22507 | ||
Title: | ELSA-2007:0696: flash-plugin security update (Critical) | ||
Description: | Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0696-01 CVE-2007-3456 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | flash-plugin |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24920 | |||
Oval ID: | oval:org.mitre.oval:def:24920 | ||
Title: | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet | ||
Description: | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-2022 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29400 | |||
Oval ID: | oval:org.mitre.oval:def:29400 | ||
Title: | Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers (CVE-2007-3457) | ||
Description: | Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-3457 | Version: | 2 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9332 | |||
Oval ID: | oval:org.mitre.oval:def:9332 | ||
Title: | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | ||
Description: | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-2022 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for kdebase3 File : nvt/sles9p5014984.nasl |
2009-04-09 | Name : Mandriva Update for kdebase MDKSA-2007:138 (kdebase) File : nvt/gb_mandriva_MDKSA_2007_138.nasl |
2009-01-28 | Name : SuSE Update for flash-player SUSE-SA:2007:046 File : nvt/gb_suse_2007_046.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200708-01 (netscape-flash) File : nvt/glsa_200708_01.nasl |
2008-09-04 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
38054 | Adobe Flash Player Crafted FLV / SWF Handling Overflow |
38049 | Adobe Flash Player HTTP Referer Header CSRF Flash Player 9.0.45.0 and earlier allow an attacker to manipulate HTTP referrer headers by way of ActionScript. This allows an attacker to spoof the origin of a request and bypass common filters to prevent CSRF. An attacker could leverage this for to issue a CSRF from outside of the target's domain. |
34140 | Adobe Macromedia Flash Player Plug-in Multiple Browser Remote Keystroke Discl... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Adobe FLV long string script data buffer overflow attempt RuleID : 12183 - Revision : 18 - Type : FILE-FLASH |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0494.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070613_kdebase_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0696.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-3890.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdebase3-3407.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote host is missing a Mac OS X update which fixes a security issue. File : macosx_10_4_11.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_flash-player-3889.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kdebase3-3347.nasl - Type : ACT_GATHER_INFO |
2007-08-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-01.nasl - Type : ACT_GATHER_INFO |
2007-07-18 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b42e8c3234f611dc9bc9001921ab2fa4.nasl - Type : ACT_GATHER_INFO |
2007-07-11 | Name : The remote Windows host contains a browser plugin that is affected by multipl... File : flash_player_apsb07-12.nasl - Type : ACT_GATHER_INFO |
2007-07-04 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-138.nasl - Type : ACT_GATHER_INFO |
2007-06-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0494.nasl - Type : ACT_GATHER_INFO |
2007-06-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0494.nasl - Type : ACT_GATHER_INFO |