CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
69.5%
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a “file://” base in a web document, or (3) a relative URL from a web archive (mht file).
Vendor | Product | Version | CPE |
---|---|---|---|
macromedia | flash_player | 6.0 | cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:* |
macromedia | flash_player | 6.0.29.0 | cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:* |
macromedia | flash_player | 6.0.40.0 | cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:* |
macromedia | shockwave | 8.0 | cpe:2.3:a:macromedia:shockwave:8.0:*:*:*:*:*:*:* |