4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.4%
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.
lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
secunia.com/advisories/28157
secunia.com/advisories/28161
secunia.com/advisories/28213
secunia.com/advisories/28570
secunia.com/advisories/30507
securitytracker.com/id?1019116
sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
www.adobe.com/support/security/bulletins/apsb07-20.html
www.gentoo.org/security/en/glsa/glsa-200801-07.xml
www.redhat.com/support/errata/RHSA-2007-1126.html
www.securityfocus.com/bid/26929
www.securityfocus.com/bid/26965
www.us-cert.gov/cas/techalerts/TA07-355A.html
www.vupen.com/english/advisories/2007/4258
www.vupen.com/english/advisories/2008/1724/references
exchange.xforce.ibmcloud.com/vulnerabilities/39136
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10519