Lucene search

[email protected]NVD:CVE-2019-8075

HistorySep 27, 2019 - 4:15 p.m.

CVE-2019-8075

2019-09-2716:15:10

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

8.2

Confidence

High

EPSS

0.003

Percentile

68.2%

JSON

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

Affected configurations

Nvd

Node

adobeflash_player_desktop_runtimeRange≤32.0.0.207

AND

applemacosMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤32.0.0.207chrome

AND

applemacosMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤32.0.0.207edge

adobeflash_playerRange≤32.0.0.207internet_explorer_11

AND

microsoftwindows_10Match-

microsoftwindows_8.1Match-

Node

googlechromeRange<87.0.4280.66

AND

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

googlechromeRange<87.0.4280.67

AND

applemacosMatch-

Node

debiandebian_linuxMatch10.0

Node

fedoraprojectfedoraMatch32

fedoraprojectfedoraMatch33

VendorProductVersionCPE
adobeflash_player_desktop_runtime*cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*
googlechrome_os-cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	flash_player_desktop_runtime	*	cpe:2.3:a:adobe:flash_player_desktop_runtime::::::::
apple	macos	-	cpe:2.3:o:apple:macos:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::chrome::*
google	chrome_os	-	cpe:2.3:o:google:chrome_os:-:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::edge::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::internet_explorer_11::*
microsoft	windows_10	-	cpe:2.3:o:microsoft:windows_10:-:::::::*
microsoft	windows_8.1	-	cpe:2.3:o:microsoft:windows_8.1:-:::::::*