CVE-2008-1654

Name of the Vulnerable Software and Affected Versions Adobe Flash (affected versions not specified)

Description The issue allows remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks. This is achieved by using the Flash navigateToURL function to send a SOAP message to a UPnP control point. An example of the potential impact is changing the primary DNS server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.