Executive Summary
Summary | |
---|---|
Title | Adobe Flash Player asfunction protocol may enable cross-site scripting |
Informations | |||
---|---|---|---|
Name | VU#758769 | First vendor Publication | 2007-12-19 |
Vendor | VU-CERT | Last vendor Modification | 2008-01-11 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#758769Adobe Flash Player asfunction protocol may enable cross-site scriptingOverviewThe Adobe Flash player asfunction protocol could allow an attacker to conduct cross-site scripting attacks on websites that host vulnerable Flash files.I. DescriptionThe Adobe Flash Player is a player for the Flash media format and enables frame-based animations and multimedia to be viewed within a web browser. ActionScript is a scripting language that is used to develop software and multimedia files that are processed by the Adobe Flash Player. The asfunction protocol enables HTTP hyperlinks in Flash files to launch a ActionScript functions.Per Adobe Security Bulletin APSB07-20:
Note that vulnerable versions of the Flash Player may be distributed with various operating systems. II. ImpactA remote, unauthenticated attacker may be able to launch cross-site scripting attacks against sites that host vulnerable Flash files.III. SolutionUpdate Flash PlayerAdobe has released an update to address this issue. Adobe Security Bulletin APSB07-20 contains more information about obtaining fixed software. Adobe Dreamweaver users may need to manually update their Flash player to obtain updates. See the Protocol Solutions Network Security Blog Adobe/Macromedia/Dreamweaver vulnerability posting for more information.
References
Adobe credits Rich Cannings of the Google Security Team for reporting this issue. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/758769 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10210 | |||
Oval ID: | oval:org.mitre.oval:def:10210 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer. | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6244 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux Extras 3 Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24545 | |||
Oval ID: | oval:org.mitre.oval:def:24545 | ||
Title: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer. | ||
Description: | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-6244 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2009-01-28 | Name : SuSE Update for flash-player SUSE-SA:2007:069 File : nvt/gb_suse_2007_069.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200801-07 (netscape-flash) File : nvt/glsa_200801_07.nasl |
2008-09-04 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin2.nasl |
2008-09-03 | Name : Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin) File : nvt/flash_player_CB-A08-0059.nasl |
2008-09-03 | Name : Adobe Flash Player 9.0.115.0 and earlier vulnerability (Win) File : nvt/smbcl_flash_player_CB-A08-0059.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41486 | Adobe Flash Player ActiveX in MSIE navigateToURL Function XSS |
41485 | Adobe Flash Player main.swf baseurl Parameter asfunction: Protocol Handler XSS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-01-23 | IAVM : 2008-B-0011 - Multiple Adobe Dreamweaver CS3 and Adobe Acrobat Connect SWF Cross-Site Scrip... Severity : Category II - VMSKEY : V0015694 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | ShockwaveFlash.ShockwaveFlash ActiveX clsid unicode access RuleID : 7979 - Revision : 10 - Type : WEB-ACTIVEX |
2014-01-10 | ShockwaveFlash.ShockwaveFlash ActiveX clsid access RuleID : 7978 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | Adobe Flash Player navigateToURL cross-site scripting attempt RuleID : 17223 - Revision : 10 - Type : FILE-FLASH |
2014-01-10 | ShockwaveFlash.ShockwaveFlash ActiveX function call unicode access RuleID : 13217 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | ShockwaveFlash.ShockwaveFlash ActiveX function call access RuleID : 13216 - Revision : 12 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-08-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1126.nasl - Type : ACT_GATHER_INFO |
2008-01-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200801-07.nasl - Type : ACT_GATHER_INFO |
2008-01-04 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_562cf6c4b9f111dca302000102cc8983.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote openSUSE host is missing a security update. File : suse_flash-player-4855.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-4856.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Windows host contains a browser plugin that is affected by multipl... File : flash_player_apsb07-20.nasl - Type : ACT_GATHER_INFO |