Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:CB4CD425A2F03D26817AFADE0D8C3615
HistoryJan 07, 2008 - 12:00 a.m.

Adobe Flash Player ActionScript launch command execution

2008-01-0700:00:00
SAINT Corporation
www.saintcorporation.com
24

0.969 High

EPSS

Percentile

99.6%

JSON

Added: 01/07/2008
CVE: CVE-2008-5499
BID: 32896
OSVDB: 50796

Background

Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages.

Problem

An input validation vulnerability allows command execution when the browser loads an SWF file which contains shell metacharacters in the arguments to the ActionScript launch method.

Resolution

Upgrade to Adobe Flash Player 10.0.15.3 or higher.

References

<http://www.adobe.com/support/security/bulletins/apsb08-24.html&gt;

Limitations

Exploit works on Adobe Systems Flash Player 10.0.12.36 on Red Hat Enterprise Linux 5 and requires a user to load the exploit page in a browser.

The target host must have the Adobe AIR package installed.

The target host must have PERL installed.

Platforms

Linux

Related

saint 3
nessus 6
seebug 3
ubuntucve 1
checkpoint_advisories 2
openvas 5
packetstorm 1
metasploit 1
prion 1
redhat 1
suse 1
cve 1
gentoo 1
saint
saint
Adobe Flash Player ActionScript launch command execution
2008-01-07 00:00:00
Adobe Flash Player ActionScript launch command execution
2008-01-07 00:00:00
Adobe Flash Player ActionScript launch command execution
2008-01-07 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (flash-player-378)
2009-07-21 00:00:00
openSUSE 10 Security Update : flash-player (flash-player-5878)
2008-12-21 00:00:00
openSUSE Security Update : flash-player (flash-player-378)
2009-07-21 00:00:00
seebug
seebug
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
2014-07-01 00:00:00
Adobe Flash Player ActionScript Launch Command Execution
2012-04-20 00:00:00
Adobe Flash Player for Linux SWFๆ–‡ไปถๅค„็†ไปฃ็ ๆ‰ง่กŒๆผๆดž
2008-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2008-5499
2008-12-18 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player for Linux ActionScript ASnative Command Execution - Ver2 (CVE-2008-5499)
2014-04-16 00:00:00
Adobe Flash Player for Linux ActionScript ASnative Command Execution (CVE-2008-5499)
2009-09-30 00:00:00
openvas
openvas
Adobe Flash Player for Linux SWF Processing Vulnerability
2008-12-19 00:00:00
SuSE Update for flash-player SUSE-SA:2008:059
2009-01-23 00:00:00
Adobe Flash Player for Linux SWF Processing Vulnerability
2008-12-19 00:00:00
packetstorm
packetstorm
Adobe Flash Player ActionScript Launch Command Execution
2012-04-20 00:00:00
metasploit
metasploit
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
2012-04-10 19:58:22
prion
prion
Code injection
2008-12-18 00:30:00
redhat
redhat
(RHSA-2008:1047) Critical: flash-plugin security update
2008-12-19 00:00:00
suse
suse
remote code execution in flash-player
2008-12-20 10:10:12
cve
cve
CVE-2008-5499
2008-12-18 00:30:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2009-03-10 00:00:00

0.969 High

EPSS

Percentile

99.6%

JSON
Related for SAINT:CB4CD425A2F03D26817AFADE0D8C3615
saint3nessus6seebug3ubuntucve1checkpoint_advisories2openvas5packetstorm1metasploit1prion1redhat1suse1cve1gentoo1