4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
75.8%
Secunia reports:
A vulnerability has been reported in swfdec, which can be
exploited by malicious people to disclose sensitive
information.
The vulnerability is caused due to swfdec not properly
restricting untrusted sandboxes from reading local files,
which can be exploited to disclose the content of arbitrary
local files by e.g. tricking a user into visiting a malicious
website.