| Vulnerability Name: | CVE-2007-0071 (CCN-37277) | ||||||||||||||||||||
| Assigned: | 2007-01-04 | ||||||||||||||||||||
| Published: | 2008-04-08 | ||||||||||||||||||||
| Updated: | 2018-10-30 | ||||||||||||||||||||
| Summary: | Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow. | ||||||||||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-189 | ||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
| References: | Source: CCN Type: Adobe Product Security Incident Response Team (PSIRT) Blog, May 27, 2008 11:05 AM Potential Flash Player issue Source: MISC Type: Vendor Advisory http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html Source: MITRE Type: CNA CVE-2007-0071 Source: CCN Type: Dancho Danchev's Blog, Tuesday, May 27, 2008 Malware Attack Exploiting Flash Zero Day Vulnerability Source: MISC Type: Broken Link http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf Source: CCN Type: SANS - Internet Storm Center, 2008-05-27 Adobe flash player vuln Source: MISC Type: Third Party Advisory http://isc.sans.org/diary.html?storyid=4465 Source: APPLE Type: Mailing List APPLE-SA-2008-05-28 Source: SUSE Type: Third Party Advisory SUSE-SA:2008:022 Source: CCN Type: RHSA-2008-0221 Critical: flash-plugin security update Source: CCN Type: SA28083 Adobe Flash Player Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 29763 Source: SECUNIA Type: Third Party Advisory 29865 Source: CCN Type: SA30404 REVOKED: Adobe Flash Player Unspecified Vulnerability Source: SECUNIA Type: Third Party Advisory 30404 Source: CCN Type: SA30430 Apple Mac OS X Security Update Fixes Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 30430 Source: SECUNIA Type: Third Party Advisory 30507 Source: CCN Type: SECTRACK ID: 1019811 Adobe Flash Player Invalid Pointer Bug Lets Remote Users Execute Arbitrary Code Source: CCN Type: SECTRACK ID: 1020114 [Duplicate Entry] Adobe Flash Player Bug Lets Remote Users Execute Arbitrary Code Source: SUNALERT Type: Broken Link 238305 Source: CCN Type: Sun Alert ID: 238305 Multiple Security Vulnerabilities in Flash Player for Solaris Source: CCN Type: Apple Web site About the security content of Security Update 2008-003 / Mac OS X 10.5.3 Source: CCN Type: ASA-2008-164 flash-plugin security update (RHSA-2008-0221) Source: CCN Type: ASA-2008-241 Multiple Security Vulnerabilities in Flash Player for Solaris (Sun 238305) Source: CCN Type: NORTEL BULLETIN ID: 2008008954, Rev 1 Nortel Response to Sun Alert 238305 - Multiple Security Vulnerabilities in Flash Player for Solaris 10 Source: CCN Type: Adobe Product Security Bulletin APSB08-11 Flash Player update available to address security vulnerabilities Source: CONFIRM Type: Vendor Advisory http://www.adobe.com/support/security/bulletins/apsb08-11.html Source: CCN Type: GLSA-200804-21 Adobe Flash Player: Multiple vulnerabilities Source: GENTOO Type: Third Party Advisory GLSA-200804-21 Source: CCN Type: IBM Internet Security Systems Protection Advisory, April 8, 2008 Adobe Flash Player Invalid Pointer Vulnerability Source: ISS Type: Broken Link 20080408 Adobe Flash Player Invalid Pointer Vulnerability Source: CCN Type: US-CERT VU#159523 Adobe Flash Player integer overflow vulnerability Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#159523 Source: CCN Type: US-CERT VU#395473 Adobe Flash player code execution vulnerability Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#395473 Source: MISC Type: Third Party Advisory http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/ Source: OSVDB Type: Broken Link 44282 Source: CCN Type: OSVDB ID: 44282 Adobe Flash Player Unspecified Input Validation Arbitrary Code Execution Source: REDHAT Type: Third Party Advisory RHSA-2008:0221 Source: BID Type: Third Party Advisory, VDB Entry 28695 Source: CCN Type: BID-28695 Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability Source: BID Type: Third Party Advisory, VDB Entry 29386 Source: CCN Type: BID-29386 Retired: Adobe Flash Player SWF File Remote Code Execution Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1019811 Source: SECTRACK Type: Third Party Advisory, VDB Entry 1020114 Source: CERT Type: Third Party Advisory, US Government Resource TA08-100A Source: CERT Type: Third Party Advisory, US Government Resource TA08-149A Source: CERT Type: Third Party Advisory, US Government Resource TA08-150A Source: VUPEN Type: Third Party Advisory ADV-2008-1662 Source: VUPEN Type: Third Party Advisory ADV-2008-1697 Source: VUPEN Type: Third Party Advisory ADV-2008-1724 Source: MISC Type: Third Party Advisory, VDB Entry http://www.zerodayinitiative.com/advisories/ZDI-08-032/ Source: XF Type: Third Party Advisory, VDB Entry multimedia-file-integer-overflow(37277) Source: XF Type: UNKNOWN multimedia-file-integer-overflow(37277) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:10379 Source: SUSE Type: SUSE-SA:2008:022 Flash Player security problems Source: CCN Type: ZDI-08-032 Adobe Flash DefineSceneAndFrameLabelData Parsing Memory Corruption Vulnerability | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||