PT-2007-7132 · Adobe · Flash Player

Toshiharu Sugiyama

Publicado

2007-12-20

Atualizado

2017-09-29

CVE-2007-6243

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 7.0.0 through 7.0.70.0 Adobe Flash Player versions 8.0.0 through 8.0.35.0 Adobe Flash Player versions 9.0.0 through 9.0.48.0

Description The issue makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks due to insufficient restriction of the interpretation and usage of cross-domain policy files.

Recommendations For Adobe Flash Player versions 7.0.0 through 7.0.70.0, update to a version later than 7.0.70.0. For Adobe Flash Player versions 8.0.0 through 8.0.35.0, update to a version later than 8.0.35.0. For Adobe Flash Player versions 9.0.0 through 9.0.48.0, update to a version later than 9.0.48.0.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2007-6243

RHSA-2007:1126

RHSA-2008:0221

RHSA-2008:0945

RHSA-2008:0980

Produtos afetados

Flash Player

PT-2007-7132 · Adobe · Flash Player

CVE-2007-6243

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 43