ID CVE-2007-6431 Type cve Reporter NVD Modified 2017-08-07T21:29:09
Description
Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.
{"id": "CVE-2007-6431", "bulletinFamily": "NVD", "title": "CVE-2007-6431", "description": "Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to \"take control of the affected system\" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.", "published": "2008-02-13T16:00:00", "modified": "2017-08-07T21:29:09", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6431", "reporter": "NVD", "references": ["http://www.adobe.com/support/security/bulletins/apsb08-03.html", "http://www.adobe.com/support/security/bulletins/apsb08-04.html", "http://www.vupen.com/english/advisories/2008/0538/references", "https://exchange.xforce.ibmcloud.com/vulnerabilities/40504", "http://www.vupen.com/english/advisories/2008/0539", "http://www.securityfocus.com/bid/27762", "http://www.securitytracker.com/id?1019400"], "cvelist": ["CVE-2007-6431"], "type": "cve", "lastseen": "2017-08-08T11:24:23", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:adobe:flash_media_server_2:2.0.4", "cpe:/a:adobe:connect_enterprise_server:6:sp2"], "cvelist": ["CVE-2007-6431"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to \"take control of the affected system\" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.", "edition": 1, "enchantments": {}, "hash": "6fb59e08110f0932983b708b847e8e70c4ffe84b5ca5d83163ad89443ca113ec", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "bf9f3cc5ee2c47607787816b610ad107", "key": "description"}, {"hash": "8bca4ad98c9e87cd4c6108ae76dcfaa6", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "9936cecefbd6413b03b4117e66e1a51b", "key": "cpe"}, {"hash": "779bd3fe234465118cdc1639dd8fc2ba", "key": "published"}, {"hash": "05b60d61d7f2018d4b8dc6121e9f73d2", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "b741f0ef34536c6be23ab9e396a7cb59", "key": "href"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "12e604eaa09778d3c8ba097057ab6017", "key": "modified"}, {"hash": "b11d8b7d5d0ed05c04992478152f733b", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6431", "id": "CVE-2007-6431", "lastseen": "2016-09-03T09:52:29", "modified": "2011-03-07T22:02:42", "objectVersion": "1.2", "published": "2008-02-13T16:00:00", "references": ["http://www.adobe.com/support/security/bulletins/apsb08-03.html", "http://www.adobe.com/support/security/bulletins/apsb08-04.html", "http://www.vupen.com/english/advisories/2008/0538/references", "http://www.vupen.com/english/advisories/2008/0539", "http://www.securityfocus.com/bid/27762", "http://www.securitytracker.com/id?1019400", "http://xforce.iss.net/xforce/xfdb/40504"], "reporter": "NVD", "scanner": [], "title": "CVE-2007-6431", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T09:52:29"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "9936cecefbd6413b03b4117e66e1a51b"}, {"key": "cvelist", "hash": "b11d8b7d5d0ed05c04992478152f733b"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "bf9f3cc5ee2c47607787816b610ad107"}, {"key": "href", "hash": "b741f0ef34536c6be23ab9e396a7cb59"}, {"key": "modified", "hash": "0d51c6910f56036d3718a2fcb91c2e62"}, {"key": "published", "hash": "779bd3fe234465118cdc1639dd8fc2ba"}, {"key": "references", "hash": "b16e1f2e566b4d707d536f7395a92cc1"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "05b60d61d7f2018d4b8dc6121e9f73d2"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "34d1b2850af650e53664d78fd958760f462219cbae486941b612e1ef56c35b92", "viewCount": 0, "enchantments": {"vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:adobe:flash_media_server_2:2.0.4", "cpe:/a:adobe:connect_enterprise_server:6:sp2"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"seebug": [{"id": "SSV:2914", "type": "seebug", "title": "Adobe Flash Media Server\u591a\u4e2a\u8fdc\u7a0b\u6ea2\u51fa\u6f0f\u6d1e", "description": "BUGTRAQ ID: 27762\r\nCVE(CAN) ID: CVE-2007-6149,CVE-2007-6148,CVE-2007-6431\r\n\r\nAdobe Flash Media Server\u662f\u57fa\u4e8eFlash\u5e94\u7528\u7a0b\u5e8f\u7684\u670d\u52a1\u5668\uff0c\u53ef\u63d0\u4f9b\u8fd0\u884c\u4ea4\u4e92\u5f0f\u5e94\u7528\u53ca\u97f3\u9891\u89c6\u9891\u6d41\u7684\u73af\u5883\u3002\r\n\r\nFlash Media Server\u5305\u542b\u6709\u540d\u4e3aEdge Server\u7684\u7ec4\u4ef6\uff0c\u8be5\u7ec4\u4ef6\u5728TCP 1935\u548c19350\u7aef\u53e3\u76d1\u542c\u5165\u7ad9\u8fde\u63a5\u3002Edge server\u7ec4\u4ef6\u8d1f\u8d23\u89e3\u6790RTMP\u6d88\u606f\u7684\u4ee3\u7801\u5b58\u5728\u591a\u4e2a\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u53d7\u9a97\u8fde\u63a5\u5230\u4e86\u6076\u610f\u670d\u52a1\u5668\u7684\u8bdd\uff0c\u8be5\u7ec4\u4ef6\u76f4\u63a5\u4ece\u62a5\u6587\u53d6\u5f97\u4e8632\u4f4d\u503c\u5e76\u5c06\u5176\u7528\u4e8e\u8ba1\u7b97\u6240\u8981\u5206\u914d\u52a8\u6001\u7f13\u51b2\u533a\u7684\u5b57\u8282\u6570\u3002\u8fd9\u4f1a\u89e6\u53d1\u6574\u6570\u6ea2\u51fa\uff0c\u4e4b\u540e\u5bfc\u81f4\u5806\u6ea2\u51fa\u3002\r\n\r\n\u6b64\u5916Edge Server\u7ec4\u4ef6\u7ec4\u4ef6\u5728\u89e3\u6790RTMP\u6d88\u606f\u65f6\u7279\u5b9a\u7684\u8bf7\u6c42\u5e8f\u5217\u4f1a\u5bfc\u81f4\u4f7f\u7528\u5df2\u7ecf\u91ca\u653e\u7684\u5185\u5b58\u533a\u57df\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\n\nAdobe Flash Media Server <= 2.0.4\r\nAdobe Connect Enterprise Server <= 6 SP2\n Adobe\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://download.macromedia.com/pub/flashmediaserver/updates/2_0_5/win/flashmediaserver2.zip target=_blank>http://download.macromedia.com/pub/flashmediaserver/updates/2_0_5/win/flashmediaserver2.zip</a>", "published": "2008-02-21T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-2914", "cvelist": ["CVE-2007-6148", "CVE-2007-6149", "CVE-2007-6431"], "lastseen": "2017-11-19T21:47:03"}], "nessus": [{"id": "ADOBE_FMS_2_0_5.NASL", "type": "nessus", "title": "Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities", "description": "The remote host is running Adobe's Flash Media Server, an application server for Flash-based applications. \n\nThe Edge server component included with the version of Flash Media Server installed on the remote host contains several integer overflow and memory corruption errors that can be triggered when parsing specially crafted Real Time Message Protocol (RTMP) packets. An unauthenticated, remote attacker can leverage these issues to crash the affected service or execute arbitrary code with SYSTEM-level privileges (under Windows), potentially resulting in a complete compromise of the affected host.", "published": "2008-02-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=31096", "cvelist": ["CVE-2007-6149", "CVE-2007-6431", "CVE-2007-6148"], "lastseen": "2018-06-29T05:28:22"}]}}
