Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-5275
HistoryOct 08, 2007 - 11:17 p.m.

CVE-2007-5275

2007-10-0823:17:00
CWE-20
[email protected]
web.nvd.nist.gov
37
adobe
macromedia
flash
9
plug-in
vulnerability
remote
tcp session
swf
movie
cross-domain-policy
xml
dns rebinding
attack
cve-2007-5275
nvd

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.5%

JSON

The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser’s DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324.

References

Related

prion 2
ubuntucve 2
openvas 19
nessus 24
cve 2
redhat 5
suse 2
gentoo 2
freebsd 2
seebug 2
securityvulns 6
prion
prion
Cross site scripting
2007-10-08 23:17:00
Design/Logic Flaw
2007-08-14 00:17:00
ubuntucve
ubuntucve
CVE-2007-5275
2007-10-08 00:00:00
CVE-2007-4324
2007-08-14 00:00:00
openvas
openvas
Adobe Flash Player 9.0.115.0 and earlier vulnerability (Linux)
2008-09-03 00:00:00
Adobe Flash Player <= 9.0.115.0 Vulnerability - Windows
2008-09-03 00:00:00
Adobe Flash Player <= 9.0.115.0 Multiple Vulnerabilities - Linux
2008-09-03 00:00:00
nessus
nessus
openSUSE 10 Security Update : flash-player (flash-player-4855)
2007-12-24 00:00:00
Flash Player < 7.0.73.0 / 9.0.115.0 Multiple Vulnerabilities (APSB07-20)
2007-12-19 00:00:00
GLSA-200801-07 : Adobe Flash Player: Multiple vulnerabilities
2008-01-21 00:00:00
cve
cve
CVE-2002-1467
2003-04-22 04:00:00
CVE-2007-4324
2007-08-14 00:17:00
redhat
redhat
(RHSA-2007:1126) Critical: flash-plugin security update
2007-12-18 00:00:00
(RHSA-2003:027) netscape security update
2003-07-09 00:00:00
(RHSA-2008:0221) Critical: flash-plugin security update
2008-04-08 00:00:00
suse
suse
remote code execution in flash-player
2007-12-21 16:24:32
remote code execution in flash-player
2008-04-11 13:28:58
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2008-01-20 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2008-04-18 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2007-12-18 00:00:00
linux-flashplugin -- multiple vulnerabilities
2008-10-15 00:00:00
seebug
seebug
Adobe Flash Player ActionScript SecurityErrorEvent绕过安全限制漏洞
2007-12-22 00:00:00
Adobe Flash Player 9.0.124.0版本修改多个安全漏洞
2008-04-11 00:00:00
securityvulns
securityvulns
[EXPL] Socket Connection Timing Can Reveal Information About Network Configuration &#40;Exploit&#41;
2007-12-24 00:00:00
US-CERT Technical Cyber Security Alert TA07-355A -- Adobe Updates for Multiple Vulnerabilities
2007-12-21 00:00:00
[EXPL] Socket Connection Timing Can Reveal Information About Network Configuration &#40;Exploit&#41;
2007-12-24 00:00:00

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.5%

JSON
Related for CVE-2007-5275
prion2ubuntucve2openvas19nessus24cve2redhat5suse2gentoo2freebsd2seebug2securityvulns6