Lucene search

PRIOn knowledge basePRION:CVE-2007-3457

HistoryJul 11, 2007 - 4:30 p.m.

Cross site request forgery (csrf)

2007-07-1116:30:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.5%

JSON

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.

CPENameOperatorVersion
flash_playerle8.0.34.0

CPE	Name	Operator	Version
	flash_player	le	8.0.34.0

References

secunia.com/advisories/26027

secunia.com/advisories/26118

secunia.com/advisories/26357

secunia.com/advisories/28068

sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1

www.adobe.com/support/security/bulletins/apsb07-12.html

www.gentoo.org/security/en/glsa/glsa-200708-01.xml

www.kb.cert.org/vuls/id/138457

www.novell.com/linux/security/advisories/2007_46_flashplayer.html

www.osvdb.org/38049

www.securitytracker.com/id?1018359

www.us-cert.gov/cas/techalerts/TA07-192A.html

www.vupen.com/english/advisories/2007/2497

www.vupen.com/english/advisories/2007/4190

exchange.xforce.ibmcloud.com/vulnerabilities/35338

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.5%

JSON

Related for PRION:CVE-2007-3457