Lucene search

[email protected]CVE-2008-4473

HistoryOct 17, 2008 - 7:31 p.m.

CVE-2008-4473

2008-10-1719:31:15

CWE-119

[email protected]

web.nvd.nist.gov

adobe flash

buffer overflow

remote code execution

nvd

swf file vulnerability

cve-2008-4473

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.258 Low

EPSS

Percentile

96.7%

JSON

Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.

Affected configurations

NVD

Node

adobeflash_playerMatchcs3professional

AND

microsoftwindows

Node

adobeflash_playerMatchmx_2004

CPENameOperatorVersion
adobe:flash_playeradobe flash playereqcs3

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	eq	cs3

References

secunia.com/advisories/32246

security-assessment.com/files/advisories/2008-10-16_Multiple_Flash_Authoring_Heap_Overflows.pdf

securityreason.com/securityalert/4429

securitytracker.com/id?1021060

www.adobe.com/support/security/advisories/apsa08-09.html

www.securityfocus.com/archive/1/497397/100/0/threaded

www.securityfocus.com/bid/31769

www.vupen.com/english/advisories/2008/2837

exchange.xforce.ibmcloud.com/vulnerabilities/45914

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.258 Low

EPSS

Percentile

96.7%

JSON

Related for CVE-2008-4473

prion1 openvas2 cvelist1 seebug1 nvd1