Lucene search

[email protected]CVE-2003-1017

HistoryJan 05, 2004 - 5:00 a.m.

CVE-2003-1017

2004-01-0505:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

macromedia

flash player

data file

predictable location

web browsers

vulnerability

remote attackers

nvd

cve-2003-1017

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

81.0%

JSON

Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.

CPENameOperatorVersion
macromedia:flash_playermacromedia flash playereq5.0_r50
macromedia:flash_playermacromedia flash playereq5.0
macromedia:flash_playermacromedia flash playereq6.0.79.0
macromedia:directormacromedia directoreq5.0
macromedia:flash_playermacromedia flash playereq6.0.65.0
macromedia:flash_playermacromedia flash playereq6.0.29.0
macromedia:flash_playermacromedia flash playereq6.0
macromedia:flash_playermacromedia flash playereq4.0_r12
macromedia:flash_playermacromedia flash playereq6.0.47.0
macromedia:flash_playermacromedia flash playereq6.0.40.0

CPE	Name	Operator	Version
macromedia:flash_player	macromedia flash player	eq	5.0_r50
macromedia:flash_player	macromedia flash player	eq	5.0
macromedia:flash_player	macromedia flash player	eq	6.0.79.0
macromedia:director	macromedia director	eq	5.0
macromedia:flash_player	macromedia flash player	eq	6.0.65.0
macromedia:flash_player	macromedia flash player	eq	6.0.29.0
macromedia:flash_player	macromedia flash player	eq	6.0
macromedia:flash_player	macromedia flash player	eq	4.0_r12
macromedia:flash_player	macromedia flash player	eq	6.0.47.0
macromedia:flash_player	macromedia flash player	eq	6.0.40.0

References

www.macromedia.com/devnet/security/security_zone/mpsb03-08.html

www.securityfocus.com/bid/8900

exchange.xforce.ibmcloud.com/vulnerabilities/14013

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

81.0%

JSON

Related for CVE-2003-1017

nessus1