Lucene search

[email protected]CVE-2007-3457

HistoryJul 11, 2007 - 4:30 p.m.

CVE-2007-3457

2007-07-1116:30:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2007-3457

adobe flash player

csrf

vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.

Affected configurations

NVD

Node

adobeflash_playerRange≤8.0.34.0

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle8.0.34.0

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	8.0.34.0

References

secunia.com/advisories/26027

secunia.com/advisories/26118

secunia.com/advisories/26357

secunia.com/advisories/28068

sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1

www.adobe.com/support/security/bulletins/apsb07-12.html

www.gentoo.org/security/en/glsa/glsa-200708-01.xml

www.kb.cert.org/vuls/id/138457

www.novell.com/linux/security/advisories/2007_46_flashplayer.html

www.osvdb.org/38049

www.securitytracker.com/id?1018359

www.us-cert.gov/cas/techalerts/TA07-192A.html

www.vupen.com/english/advisories/2007/2497

www.vupen.com/english/advisories/2007/4190

exchange.xforce.ibmcloud.com/vulnerabilities/35338

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for CVE-2007-3457

jvn1 cvelist1 prion1 ubuntucve1 cert1 nvd1 securityvulns1 nessus5 openvas5 gentoo1 freebsd1 suse1