Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-1654
HistoryApr 02, 2008 - 12:00 a.m.

CVE-2008-1654

2008-04-0200:00:00
ubuntu.com
ubuntu.com
16

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.2%

JSON

Interaction error between Adobe Flash and multiple Universal Plug and Play
(UPnP) services allow remote attackers to perform Cross-Site Request
Forgery (CSRF) style attacks by using the Flash navigateToURL function to
send a SOAP message to a UPnP control point, as demonstrated by changing
the primary DNS server.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchflashplugin-nonfree< 9.0.246.0ubuntu1UNKNOWN

Related

cve 1
cvelist 1
prion 1
nvd 1
nessus 7
seebug 1
suse 1
securityvulns 2
gentoo 1
openvas 8
redhat 1
cve
cve
CVE-2008-1654
2008-04-02 18:44:00
cvelist
cvelist
CVE-2008-1654
2008-04-02 18:00:00
prion
prion
Cross site request forgery (csrf)
2008-04-02 18:44:00
nvd
nvd
CVE-2008-1654
2008-04-02 18:44:00
nessus
nessus
GLSA-200804-21 : Adobe Flash Player: Multiple vulnerabilities
2008-04-22 00:00:00
Flash Player < 8.0.42.0 / 9.0.124.0 Multiple Vulnerabilities (APSB08-11)
2008-04-10 00:00:00
openSUSE 10 Security Update : flash-player (flash-player-5161)
2008-04-17 00:00:00
seebug
seebug
Adobe Flash Player 9.0.124.0版本修改多个安全漏洞
2008-04-11 00:00:00
suse
suse
remote code execution in flash-player
2008-04-11 13:28:58
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2008-04-14 00:00:00
About the security content of Security Update 2008-003 / Mac OS X 10.5.3
2008-05-30 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2008-04-18 00:00:00
openvas
openvas
SuSE Update for flash-player SUSE-SA:2008:022
2009-01-23 00:00:00
Gentoo Security Advisory GLSA 200804-21 (netscape-flash)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200804-21 (netscape-flash)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2008:0221) Critical: flash-plugin security update
2008-04-08 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.2%

JSON
Related for UB:CVE-2008-1654
cve1cvelist1prion1nvd1nessus7seebug1suse1securityvulns2gentoo1openvas8redhat1