PT-2007-3366 · Adobe+1 · Macromedia Flash Player+1

Published

2007-04-13

Updated

2017-10-11

CVE-2007-2022

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Adobe Macromedia Flash Player versions 7 and 9

Description The issue allows remote attackers to obtain sensitive information, specifically browser keystrokes, which are leaked to the Flash Player applet when used with certain browsers.

Recommendations For Adobe Macromedia Flash Player version 7, update the browser to a version that is not affected by this issue, such as Opera 9.20 or later, or use an alternative browser. For Adobe Macromedia Flash Player version 9, update the browser to a version that is not affected by this issue, such as Opera 9.20 or later, or use an alternative browser.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2007-2022

RHSA-2007:0494

RHSA-2007_0494

Affected Products

Macromedia Flash Player

Red Hat

PT-2007-3366 · Adobe+1 · Macromedia Flash Player+1

CVE-2007-2022

Weakness Enumeration

Related Identifiers

Affected Products

References · 37