Flash Player Security Vulnerabilities and Issues — Flash Player CVE List

Lucene search

AdobeFlash Player

4 matches found

CVE•added 2008/04/09 9:5 p.m.•62 views

CVE-2007-6019

Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly.

9.3CVSS7.4AI score0.66216EPSS

CVE•added 2008/04/09 9:5 p.m.•60 views

CVE-2007-0071

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflo...

9.3CVSS7.8AI score0.90161EPSS

CVE•added 2008/04/02 6:44 p.m.•59 views

CVE-2008-1654

Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the prim...

4.3CVSS6.6AI score0.30802EPSS

CVE•added 2008/04/09 9:5 p.m.•59 views

CVE-2008-1655

Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.

4.3CVSS6.3AI score0.30112EPSS