| Vulnerability Name: | CVE-2006-3587 (CCN-27601) | ||||||||||||
| Assigned: | 2006-07-05 | ||||||||||||
| Published: | 2006-07-05 | ||||||||||||
| Updated: | 2018-10-12 | ||||||||||||
| Summary: | Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors. | ||||||||||||
| CVSS v3 Severity: | 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||
| CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P) 3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2006-3587 Source: CCN Type: Mac OS X 10.4.8 and Security Update 2006-006 About the security content of the Mac OS X 10.4.8 Update and Security Update 2006-006 Source: APPLE Type: UNKNOWN APPLE-SA-2006-09-29 Source: CCN Type: RHSA-2006-0674 flash-plugin security update Source: CCN Type: SA20971 Flash Player Unspecified Vulnerability and "addRequestHeader()" Bypass Source: SECUNIA Type: Patch, Vendor Advisory 20971 Source: CCN Type: SA21865 Adobe Flash Player Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 21865 Source: SECUNIA Type: Vendor Advisory 21901 Source: SECUNIA Type: Vendor Advisory 22054 Source: CCN Type: SA22187 Mac OS X Security Update Fixes Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 22187 Source: SECUNIA Type: Vendor Advisory 22268 Source: CCN Type: SA22882 Microsoft Windows Flash Player Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 22882 Source: GENTOO Type: UNKNOWN GLSA-200610-02 Source: CCN Type: SECTRACK ID: 1016448 Macromedia Flash Memory Access Errors Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1016448 Source: CCN Type: SECTRACK ID: 1016829 Adobe Flash Player Input Validation Bugs Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1016829 Source: CCN Type: ASA-2006-192 flash-plugin security update (RHSA-2006-0674) Source: CCN Type: ASA-2006-253 Microsoft Security Bulletin Summary for November 2006 (MS06-66 - MS06-71) Source: CCN Type: Adobe Web site Adobe Flash Player Download Center Source: CCN Type: Adobe Product Security Bulletin APSB06-11 Multiple Vulnerabilities in Adobe Flash Player 8.0.24.0 and Earlier Versions Source: CONFIRM Type: UNKNOWN http://www.adobe.com/support/security/bulletins/apsb06-11.html Source: CCN Type: FortiGuard Advisory (FGA-2006-20) Vulnerability in Macromedia Flash Player Could Allow Remote Code Execution Source: MISC Type: Vendor Advisory http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-20.html Source: CCN Type: GLSA-200610-02 Adobe Flash Player: Arbitrary code execution Source: CCN Type: US-CERT VU#474593 Adobe Flash Player fails to properly handle malformed SWF files Source: CERT-VN Type: Patch, US Government Resource VU#474593 Source: CCN Type: Microsoft Security Bulletin MS06-069 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789) Source: SUSE Type: UNKNOWN SUSE-SA:2006:053 Source: REDHAT Type: UNKNOWN RHSA-2006:0674 Source: BID Type: UNKNOWN 18894 Source: CCN Type: BID-18894 Macromedia Flash Malformed SWF File Multiple Vulnerabilities Source: BID Type: UNKNOWN 19980 Source: CCN Type: BID-19980 Adobe Flash Player Multiple Remote Code Execution Vulnerabilities Source: CCN Type: TLSA-2006-26 Multiple vulnerabilities in flash-player Source: CCN Type: US-CERT Technical Cyber Security Alert TA06-275A Multiple Vulnerabilities in Apple and Adobe Products Source: CERT Type: US Government Resource TA06-318A Source: VUPEN Type: Vendor Advisory ADV-2006-2702 Source: VUPEN Type: Vendor Advisory ADV-2006-3573 Source: VUPEN Type: Vendor Advisory ADV-2006-3577 Source: VUPEN Type: Vendor Advisory ADV-2006-3852 Source: VUPEN Type: Vendor Advisory ADV-2006-4507 Source: MS Type: UNKNOWN MS06-069 Source: XF Type: UNKNOWN macromedia-swf-file-code-execution(27601) Source: XF Type: UNKNOWN macromedia-swf-file-code-execution(27601) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1050 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:709 Source: SUSE Type: SUSE-SA:2006:053 flash-player security problem | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||