Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-5275
HistoryOct 08, 2007 - 11:17 p.m.

CVE-2007-5275

2007-10-0823:17:00
CWE-20
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.3%

JSON

The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser’s DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324.

Affected configurations

NVD
Node
adobeshockwave_playerMatch9

References

Related

ubuntucve 2
cve 3
cvelist 3
prion 2
nvd 2
openvas 19
securityvulns 6
seebug 2
nessus 24
redhat 5
gentoo 2
suse 2
freebsd 2
ubuntucve
ubuntucve
CVE-2007-5275
2007-10-08 00:00:00
CVE-2007-4324
2007-08-14 00:00:00
cve
cve
CVE-2007-5275
2007-10-08 23:17:00
CVE-2002-1467
2003-04-22 04:00:00
CVE-2007-4324
2007-08-14 00:17:00
cvelist
cvelist
CVE-2007-5275
2007-10-08 23:00:00
CVE-2002-1467
2003-03-18 05:00:00
CVE-2007-4324
2007-08-14 00:00:00
prion
prion
Cross site scripting
2007-10-08 23:17:00
Design/Logic Flaw
2007-08-14 00:17:00
nvd
nvd
CVE-2002-1467
2003-04-22 04:00:00
CVE-2007-4324
2007-08-14 00:17:00
openvas
openvas
Adobe Flash Player <= 9.0.115.0 Vulnerability - Windows
2008-09-03 00:00:00
Adobe Flash Player 9.0.115.0 and earlier vulnerability (Linux)
2008-09-03 00:00:00
Adobe Flash Player <= 9.0.115.0 Multiple Vulnerabilities - Linux
2008-09-03 00:00:00
securityvulns
securityvulns
[EXPL] Socket Connection Timing Can Reveal Information About Network Configuration &#40;Exploit&#41;
2007-12-24 00:00:00
US-CERT Technical Cyber Security Alert TA07-355A -- Adobe Updates for Multiple Vulnerabilities
2007-12-21 00:00:00
Adobe Flash Player sandbox protection bypass
2007-12-24 00:00:00
seebug
seebug
Adobe Flash Player ActionScript SecurityErrorEvent绕过安全限制漏洞
2007-12-22 00:00:00
Adobe Flash Player 9.0.124.0版本修改多个安全漏洞
2008-04-11 00:00:00
nessus
nessus
RHEL 2.1 : netscape (RHSA-2003:027)
2004-07-06 00:00:00
openSUSE 10 Security Update : flash-player (flash-player-4855)
2007-12-24 00:00:00
RHEL 3 / 4 / 5 : flash-plugin (RHSA-2007:1126)
2009-08-24 00:00:00
redhat
redhat
(RHSA-2003:027) netscape security update
2003-07-09 00:00:00
(RHSA-2007:1126) Critical: flash-plugin security update
2007-12-18 00:00:00
(RHSA-2008:0221) Critical: flash-plugin security update
2008-04-08 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2008-01-20 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2008-04-18 00:00:00
suse
suse
remote code execution in flash-player
2007-12-21 16:24:32
remote code execution in flash-player
2008-04-11 13:28:58
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2007-12-18 00:00:00
linux-flashplugin -- multiple vulnerabilities
2008-10-15 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.3%

JSON
Related for NVD:CVE-2007-5275
ubuntucve2cve3cvelist3prion2nvd2openvas19securityvulns6seebug2nessus24redhat5gentoo2suse2freebsd2