4 matches found
Adobe Flash Player FileReference API任意文件上传/下载漏洞
CVECAN ID: CVE-2008-4401 Flash Player是一款非常流行的FLASH播放器。 Adobe Flash Player中的ActionScript对FileReference上传API的FileReference.browse操作或FileReference下载API的FileReference.download操作没有要求用户交互,用户可能在不知情的情况下上传或下载恶意文件 Adobe Flash Player 9.0.124.0 Adobe ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2008-4401
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...
CVE-2008-4401
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...
Design/Logic Flaw
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...