9.3 - SUN-103167

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Sun Alert 103167 Security Vulnerabilities in Adobe Flash Player May Allow Unauthorized System Access or Generation of HTTP Requests

Informations
Name	SUN-103167	First vendor Publication	2007-12-11
Vendor	Sun	Last vendor Modification	2007-12-11
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 10 Operating System

Three security vulnerabilities in the Adobe Flash Player product shipped with Solaris 10 may allow remote users who create applications that are viewed with the Flash Player to perform unauthorized actions on the host. These actions may include executing arbitrary code with the privileges of the user running the Flash Player, generation of unauthorized HTTP requests from the affected host, or, depending on the browser that is used with the Flash player, unauthorized access to information entered into the affected host via the logging of keystrokes.

These issues are described in the following documents:

APSB07-12 at http://www.adobe.com/support/security/bulletins/apsb07-12.html

CVE-2007-3456 at http://www.security-database.com/detail.php?cve=CVE-2007-3456

CVE-2007-3457 at http://www.security-database.com/detail.php?cve=CVE-2007-3457

CVE-2007-2022 at http://www.security-database.com/detail.php?cve=CVE-2007-2022

CERT Technical Cyber Security Alert TA07-192A at http://www.us-cert.gov/cas/techalerts/TA07-192A.html

Avoidance: Patch

State: Resolved

First released: 11-Dec-2007

Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_103167_security_vulnerabilities

CWE : Common Weakness Enumeration

%	Id	Name
33 %	CWE-352	Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25)
33 %	CWE-200	Information Exposure
33 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11493

Oval ID:	oval:org.mitre.oval:def:11493
Title:	Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.
Description:	Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-3456	Version:	3
Platform(s):	Red Hat Enterprise Linux Extras 3 Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5	Product(s):
Definition Synopsis:
IF redhat-release is version 3 AND flash-plugin is earlier than 0:9.0.48.0-1.el3.with.oss OR redhat-release is version 4 AND flash-plugin is earlier than 0:9.0.48.0-1.el4 OR redhat-release is version 5 AND flash-plugin is earlier than 0:9.0.48.0-1.el5

Definition Id: oval:org.mitre.oval:def:21835

Oval ID:	oval:org.mitre.oval:def:21835
Title:	ELSA-2007:0494: kdebase security update (Important)
Description:	Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0494-02 CVE-2007-2022	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	kdebase
Definition Synopsis:
Oracle Linux 5.x rpm test kdebase is earlier than 6:3.5.4-13.6.el5 AND kdebase-devel is earlier than 6:3.5.4-13.6.el5

Definition Id: oval:org.mitre.oval:def:22507

Oval ID:	oval:org.mitre.oval:def:22507
Title:	ELSA-2007:0696: flash-plugin security update (Critical)
Description:	Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0696-01 CVE-2007-3456	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	flash-plugin
Definition Synopsis:
Oracle Linux 5.x AND flash-plugin is earlier than 0:9.0.48.0-1.el5

Definition Id: oval:org.mitre.oval:def:24920

Oval ID:	oval:org.mitre.oval:def:24920
Title:	Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet
Description:	Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2007-2022	Version:	7
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player
Definition Synopsis:
Adobe Flash Player section Adobe Flash Player 9 is installed AND Adobe Flash Player version is equal to 9.0.28.0 OR Flash.ocx section ActiveX Control is installed AND Determine if the version of Flash.ocx is equals to 9.0.28.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:29400

Oval ID:	oval:org.mitre.oval:def:29400
Title:	Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers (CVE-2007-3457)
Description:	Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2007-3457	Version:	2
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player
Definition Synopsis:
Determine if the version of Adobe Flash Player on Windows is less than or equal 8.0.34.0 Adobe Flash Player is installed AND Adobe Flash Player version is less than or equal to 8.0.34.0 OR Flash.ocx section ActiveX Control is installed AND Determine if the version of Flash.ocx is less than or equal 8.0.34.0

Definition Id: oval:org.mitre.oval:def:9332

Oval ID:	oval:org.mitre.oval:def:9332
Title:	Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
Description:	Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-2022	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kdebase is earlier than 6:3.1.3-5.16 AND kdebase-devel is earlier than 6:3.1.3-5.16 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section kdebase is earlier than 6:3.3.1-5.19.rhel4 AND kdebase-devel is earlier than 6:3.3.1-5.19.rhel4 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section kdebase is earlier than 6:3.5.4-13.6.el5 AND kdebase-devel is earlier than 6:3.5.4-13.6.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Flash Player cpe:2.3:a:adobe:flash_player:9.0.9.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.8.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0::mac_os_x::::: cpe:2.3:a:adobe:flash_player:9.0.28:::::::* cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20:::::::* cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::* cpe:2.3:a:adobe:flash_player:9.0.16.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.16:::::::* cpe:2.3:a:adobe:flash_player:9.0.16::windows::::: cpe:2.3:a:adobe:flash_player:9.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::* cpe:2.3:a:adobe:flash_player:8.0:::::::* cpe:2.3:a:adobe:flash_player:8.0::pro::::: cpe:2.3:a:adobe:flash_player:8.0::basic::::: cpe:2.3:a:adobe:flash_player:8::professional::::: cpe:2.3:a:adobe:flash_player:8::pro::::: cpe:2.3:a:adobe:flash_player:7.2:::::::* cpe:2.3:a:adobe:flash_player:7.1.1:::::::* cpe:2.3:a:adobe:flash_player:7.1:::::::* cpe:2.3:a:adobe:flash_player:7.0.73.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.68.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.67.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.66.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.63:::::::* cpe:2.3:a:adobe:flash_player:7.0.63::linux::::: cpe:2.3:a:adobe:flash_player:7.0.61.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.60.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.53.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.25:::::::* cpe:2.3:a:adobe:flash_player:7.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.19.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.14.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.1:::::::* cpe:2.3:a:adobe:flash_player:7.0_r67::solaris::::: cpe:2.3:a:adobe:flash_player:7.0_r67:::::::* cpe:2.3:a:adobe:flash_player:7.0:::::::* cpe:2.3:a:adobe:flash_player:6.0.79:::::::* cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::* cpe:2.3:a:adobe:flash_player:6:::::::* cpe:2.3:a:adobe:flash_player:5:::::::* cpe:2.3:a:adobe:flash_player:4:::::::* cpe:2.3:a:adobe:flash_player:3:::::::* cpe:2.3:a:adobe:flash_player:2:::::::* cpe:2.3:a:adobe:flash_player:mx_2004:::::::* cpe:2.3:a:adobe:flash_player:cs4::pro::::: cpe:2.3:a:adobe:flash_player:cs3::pro::::: cpe:2.3:a:adobe:flash_player:cs3::professional::::: cpe:2.3:a:adobe:flash_player:::::::: cpe:2.3:a:adobe:flash_player:::basic:::::* cpe:2.3:a:adobe:flash_player:::pro:::::* cpe:2.3:a:adobe:flash_player::::::edge::* cpe:2.3:a:adobe:flash_player::::::internet_explorer_11::* cpe:2.3:a:adobe:flash_player::::::chrome::* cpe:2.3:a:adobe:flash_player:-:::::::*	67
Application	Opera Opera Browser cpe:2.3:a:opera:opera_browser:9.12:::::::* cpe:2.3:a:opera:opera_browser:9.10:::::::* cpe:2.3:a:opera:opera_browser:9.02:::::::* cpe:2.3:a:opera:opera_browser:9.01:::::::* cpe:2.3:a:opera:opera_browser:9.0:beta1:::::: cpe:2.3:a:opera:opera_browser:9.0:beta2:::::: cpe:2.3:a:opera:opera_browser:9.0:::::::* cpe:2.3:a:opera:opera_browser:8.54:::::::* cpe:2.3:a:opera:opera_browser:8.53:::::::* cpe:2.3:a:opera:opera_browser:8.52:::::::* cpe:2.3:a:opera:opera_browser:8.51:::::::* cpe:2.3:a:opera:opera_browser:8.50:::::::* cpe:2.3:a:opera:opera_browser:8.02:::::::* cpe:2.3:a:opera:opera_browser:8.01:::::::* cpe:2.3:a:opera:opera_browser:8.0:beta1:::::: cpe:2.3:a:opera:opera_browser:8.0:beta2:::::: cpe:2.3:a:opera:opera_browser:8.0:beta3:::::: cpe:2.3:a:opera:opera_browser:8.0:::::::* cpe:2.3:a:opera:opera_browser:7.60:::::::* cpe:2.3:a:opera:opera_browser:7.54:update2:::::: cpe:2.3:a:opera:opera_browser:7.54:::::::* cpe:2.3:a:opera:opera_browser:7.54:update1:::::: cpe:2.3:a:opera:opera_browser:7.53:::::::* cpe:2.3:a:opera:opera_browser:7.52:::::::* cpe:2.3:a:opera:opera_browser:7.51:::::::* cpe:2.3:a:opera:opera_browser:7.50:beta1:::::: cpe:2.3:a:opera:opera_browser:7.50:::::::* cpe:2.3:a:opera:opera_browser:7.23:::::::* cpe:2.3:a:opera:opera_browser:7.22:::::::* cpe:2.3:a:opera:opera_browser:7.21:::::::* cpe:2.3:a:opera:opera_browser:7.20:beta7:::::: cpe:2.3:a:opera:opera_browser:7.20:::::::* cpe:2.3:a:opera:opera_browser:7.11:::::::* cpe:2.3:a:opera:opera_browser:7.11:beta2:::::: cpe:2.3:a:opera:opera_browser:7.10:beta1:::::: cpe:2.3:a:opera:opera_browser:7.10:::::::* cpe:2.3:a:opera:opera_browser:7.03:::::::* cpe:2.3:a:opera:opera_browser:7.02:::::::* cpe:2.3:a:opera:opera_browser:7.01:::::::* cpe:2.3:a:opera:opera_browser:7.0:::::::* cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:::::: cpe:2.3:a:opera:opera_browser:7.0:beta1:::::: cpe:2.3:a:opera:opera_browser:7.0:beta2:::::: cpe:2.3:a:opera:opera_browser:6.12:::::::* cpe:2.3:a:opera:opera_browser:6.11:::::::* cpe:2.3:a:opera:opera_browser:6.1:beta1:::::: cpe:2.3:a:opera:opera_browser:6.1:::::::* cpe:2.3:a:opera:opera_browser:6.06:::::::* cpe:2.3:a:opera:opera_browser:6.05:::::::* cpe:2.3:a:opera:opera_browser:6.04:::::::* cpe:2.3:a:opera:opera_browser:6.03:::::::* cpe:2.3:a:opera:opera_browser:6.02:::::::* cpe:2.3:a:opera:opera_browser:6.01:::::::* cpe:2.3:a:opera:opera_browser:6.0:beta1:::::: cpe:2.3:a:opera:opera_browser:6.0:tp1:::::: cpe:2.3:a:opera:opera_browser:6.0:beta2:::::: cpe:2.3:a:opera:opera_browser:6.0:::::::* cpe:2.3:a:opera:opera_browser:6.0:tp2:::::: cpe:2.3:a:opera:opera_browser:6.0:tp3:::::: cpe:2.3:a:opera:opera_browser:5.12:::::::* cpe:2.3:a:opera:opera_browser:5.11:::::::* cpe:2.3:a:opera:opera_browser:5.10:::::::* cpe:2.3:a:opera:opera_browser:5.02:::::::* cpe:2.3:a:opera:opera_browser:5.0:beta6:::::: cpe:2.3:a:opera:opera_browser:5.0:beta7:::::: cpe:2.3:a:opera:opera_browser:5.0:beta2:::::: cpe:2.3:a:opera:opera_browser:5.0:beta5:::::: cpe:2.3:a:opera:opera_browser:5.0:beta4:::::: cpe:2.3:a:opera:opera_browser:5.0:::::::* cpe:2.3:a:opera:opera_browser:5.0:beta8:::::: cpe:2.3:a:opera:opera_browser:5.0:beta3::::::	71

OpenVAS Exploits

Date	Description
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-10-10	Name : SLES9: Security update for kdebase3 File : nvt/sles9p5014984.nasl
2009-04-09	Name : Mandriva Update for kdebase MDKSA-2007:138 (kdebase) File : nvt/gb_mandriva_MDKSA_2007_138.nasl
2009-01-28	Name : SuSE Update for flash-player SUSE-SA:2007:046 File : nvt/gb_suse_2007_046.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200708-01 (netscape-flash) File : nvt/glsa_200708_01.nasl
2008-09-04	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
38054	Adobe Flash Player Crafted FLV / SWF Handling Overflow
38049	Adobe Flash Player HTTP Referer Header CSRF Flash Player 9.0.45.0 and earlier allow an attacker to manipulate HTTP referrer headers by way of ActionScript. This allows an attacker to spoof the origin of a request and bypass common filters to prevent CSRF. An attacker could leverage this for to issue a CSRF from outside of the target's domain.
34140	Adobe Macromedia Flash Player Plug-in Multiple Browser Remote Keystroke Discl...

Snort® IPS/IDS

Date	Description
2014-01-10	Adobe FLV long string script data buffer overflow attempt RuleID : 12183 - Revision : 18 - Type : FILE-FLASH

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0494.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070613_kdebase_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-08-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0696.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-3890.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdebase3-3407.nasl - Type : ACT_GATHER_INFO
2007-11-14	Name : The remote host is missing a Mac OS X update which fixes a security issue. File : macosx_10_4_11.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_flash-player-3889.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_kdebase3-3347.nasl - Type : ACT_GATHER_INFO
2007-08-13	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-01.nasl - Type : ACT_GATHER_INFO
2007-07-18	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b42e8c3234f611dc9bc9001921ab2fa4.nasl - Type : ACT_GATHER_INFO
2007-07-11	Name : The remote Windows host contains a browser plugin that is affected by multipl... File : flash_player_apsb07-12.nasl - Type : ACT_GATHER_INFO
2007-07-04	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-138.nasl - Type : ACT_GATHER_INFO
2007-06-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0494.nasl - Type : ACT_GATHER_INFO
2007-06-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0494.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	3
Oval ID(s)	6
CPE ID(s)	138
osvdb(s)	3
Openvas Exploit(s)	6
Snort® Rule(s)	1
Nessus® Exploit(s)	14

	Related
9.3	CVE-2007-3456
6.8	CVE-2007-2022
4.3	CVE-2007-3457
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 3 more Alert(s)