Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-3456
HistoryJul 11, 2007 - 4:30 p.m.

CVE-2007-3456

2007-07-1116:30:00
CWE-189
[email protected]
web.nvd.nist.gov
31
adobe flash player
integer overflow
remote code execution
input validation error
flv
swf
nvd

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.6%

JSON

Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an “input validation error,” including a signed comparison of values that are assumed to be non-negative.

References

Related

checkpoint_advisories 2
nessus 7
redhat 1
prion 1
securityvulns 2
ubuntucve 1
cert 1
openvas 5
gentoo 1
freebsd 1
suse 1
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player FLV Processing Buffer Overflow (CVE-2007-3456)
2009-12-14 00:00:00
IPS-1 Updates against Adobe, Microsoft Windows, Microsoft DirectShow and OpenOffice.org Vulnerabilities
2008-02-26 00:00:00
nessus
nessus
RHEL 3 / 4 / 5 : flash-plugin (RHSA-2007:0696)
2009-08-24 00:00:00
Flash Player Multiple Vulnerabilities (APSB07-12)
2007-07-11 00:00:00
GLSA-200708-01 : Macromedia Flash Player: Remote arbitrary code execution
2007-08-13 00:00:00
redhat
redhat
(RHSA-2007:0696) Critical: flash-plugin security update
2007-07-12 00:00:00
prion
prion
Integer overflow
2007-07-11 16:30:00
securityvulns
securityvulns
[MSA01110707] Flash Player/Plugin Video file parsing Remote Code Execution
2007-07-14 00:00:00
Adobe Flash player multiple security vulnerabilities
2007-07-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-3456
2007-07-11 00:00:00
cert
cert
Adobe Flash Player FLV integer overflow
2007-07-11 00:00:00
openvas
openvas
FreeBSD Ports: linux-flashplugin
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200708-01 (netscape-flash)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200708-01 (netscape-flash)
2008-09-24 00:00:00
gentoo
gentoo
Macromedia Flash Player: Remote arbitrary code execution
2007-08-08 00:00:00
freebsd
freebsd
linux-flashplugin -- critical vulnerabilities
2007-07-10 00:00:00
suse
suse
remote code execution in flash-player
2007-07-19 14:20:54

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.967 High

EPSS

Percentile

99.6%

JSON
Related for CVE-2007-3456
checkpoint_advisories2nessus7redhat1prion1securityvulns2ubuntucve1cert1openvas5gentoo1freebsd1suse1