PRIOn knowledge basePRION:CVE-2007-6245Server side request forgery (ssrf)
6.7 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.011 Low
EPSS
Percentile
83.8%
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| flash_player | eq | 7.0 | |
| flash_player | eq | 8.0 | |
| flash_player | eq | 9.0 |
References
lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
secunia.com/advisories/28157
secunia.com/advisories/28161
secunia.com/advisories/28213
secunia.com/advisories/28570
secunia.com/advisories/30507
securitytracker.com/id?1019116
sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
www.adobe.com/support/security/bulletins/apsb07-20.html
www.gentoo.org/security/en/glsa/glsa-200801-07.xml
www.redhat.com/support/errata/RHSA-2007-1126.html
www.securityfocus.com/bid/26929
www.securityfocus.com/bid/26969
www.us-cert.gov/cas/techalerts/TA07-355A.html
www.vupen.com/english/advisories/2007/4258
www.vupen.com/english/advisories/2008/1724/references
exchange.xforce.ibmcloud.com/vulnerabilities/39134
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9546
Related
6.7 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.011 Low
EPSS
Percentile
83.8%