Vulnerability Name: CVE-2007-2022 (CCN-33595)
Assigned: 2007-04-13
Published: 2007-04-13
Updated: 2017-10-11
Summary: Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

CVSS v3 Severity: 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): High; Privileges Required (PR): None; User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low; Integrity (I): None; Availability (A): None

CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Medium; Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial; Integrity (I): Partial; Availability (A): Partial

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): High; Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial; Integrity (I): None; Availability (A): None
Vulnerability Type: CWE-200
Vulnerability Consequences: Obtain Information

References:
Source: SGI | Type: UNKNOWN | 20070602-01-P
Source: MITRE | Type: CNA | CVE-2007-2022
Source: CCN | Type: RHSA-2007-0494 | Important: kdebase security update
Source: CCN | Type: SA24877 | Opera Flash Player Plug-In Interaction Vulnerability
Source: SECUNIA | Type: Vendor Advisory | 24877
Source: SECUNIA | Type: Vendor Advisory | 25027
Source: SECUNIA | Type: Vendor Advisory | 25432
Source: CCN | Type: SA25662 | Konqueror Flash Player Plug-in Vulnerability
Source: SECUNIA | Type: Vendor Advisory | 25662
Source: SECUNIA | Type: Vendor Advisory | 25669
Source: SECUNIA | Type: Vendor Advisory | 25894
Source: SECUNIA | Type: Vendor Advisory | 25933
Source: CCN | Type: SA26027 | Adobe Flash Player Multiple Vulnerabilities
Source: SECUNIA | Type: Vendor Advisory | 26027
Source: SECUNIA | Type: Vendor Advisory | 26118
Source: SECUNIA | Type: Vendor Advisory | 26357
Source: SECUNIA | Type: Vendor Advisory | 26860
Source: SECUNIA | Type: Vendor Advisory | 28068
Source: CCN | Type: SECTRACK ID: 1017903 | Adobe Flash Player on Opera Has a Vulnerability with Unspecified Impact
Source: CCN | Type: Sun Alert ID: 103167 | Security Vulnerabilities in Adobe Flash Player May Allow Unauthorized System Access or Generation of HTTP Requests
Source: SUNALERT | Type: UNKNOWN | 103167
Source: SUNALERT | Type: UNKNOWN | 201506
Source: CCN | Type: ASA-2007-331 | kdebase security update (RHSA-2007-0494)
Source: CCN | Type: ASA-2007-530 | Security Vulnerabilities in Adobe Flash Player May Allow Unauthorized System Access or Generation of HTTP Requests (Sun 103167)
Source: CCN | Type: Adobe Product Security Advisory APSA07-03 | Opera update available for vulnerability with Adobe Flash Player and Opera browser on Linux and Solaris
Source: CONFIRM | Type: UNKNOWN | http://www.adobe.com/support/security/advisories/apsa07-03.html
Source: CCN | Type: Adobe Product Security Bulletin APSB07-12 | Flash Player update available to address security vulnerabilities
Source: CONFIRM | Type: Vendor Advisory | http://www.adobe.com/support/security/bulletins/apsb07-12.html
Source: CCN | Type: GLSA-200708-01 | Macromedia Flash Player: Remote arbitrary code execution
Source: GENTOO | Type: UNKNOWN | GLSA-200708-01
Source: CCN | Type: US-CERT VU#110297 | Flash Player information disclosure vulnerability
Source: MANDRIVA | Type: UNKNOWN | MDKSA-2007:138
Source: SUSE | Type: UNKNOWN | SUSE-SR:2007:012
Source: SUSE | Type: UNKNOWN | SUSE-SA:2007:028
Source: SUSE | Type: UNKNOWN | SUSE-SA:2007:046
Source: CCN | Type: Opera Software Knowledge Base Article 858 | Advisory: Opera security upgrade for Linux, Solaris and FreeBSD
Source: CONFIRM | Type: UNKNOWN | http://www.opera.com/support/search/view/858/
Source: REDHAT | Type: UNKNOWN | RHSA-2007:0494
Source: BID | Type: UNKNOWN | 23437
Source: CCN | Type: BID-23437 | Opera Web Browser Running Adobe Flash Player Information Disclosure Vulnerability
Source: SECTRACK | Type: UNKNOWN | 1017903
Source: CCN | Type: TLSA-2007-36 | Three vulnerabilities discovered in flash-player
Source: CERT | Type: US Government Resource | TA07-192A
Source: VUPEN | Type: Vendor Advisory | ADV-2007-1361
Source: VUPEN | Type: Vendor Advisory | ADV-2007-2497
Source: VUPEN | Type: Vendor Advisory | ADV-2007-4190
Source: XF | Type: UNKNOWN | flashplayer-unspecified-info-disclosure(33595)
Source: XF | Type: UNKNOWN | opera-flash-player-unspecified(33595)
Source: CONFIRM | Type: UNKNOWN | https://issues.rpath.com/browse/RPL-1462
Source: OVAL | Type: UNKNOWN | oval:org.mitre.oval:def:9332
Source: SUSE | Type: SUSE-SA:2007:046 | flash-player security problems
Source: SUSE | Type: SUSE-SR:2007:012 | SUSE Security Summary Report

Vulnerable Configuration:
Configuration 1 : cpe:/a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.20:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.28:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:beta2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:beta3:*:*:*:*:*:* OR 
cpe:/a:opera:opera_browser:5.0:beta4:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:beta5:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:beta6:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:beta7:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.0:beta8:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.02:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.10:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.11:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:5.12:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.0:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.0:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.0:beta2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.0:tp1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.0:tp2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.0:tp3:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.01:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.1:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.1:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.02:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.03:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.04:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.05:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.06:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.11:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:6.12:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.0:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.0:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.0:beta2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.01:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.02:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.03:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.10:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.10:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.11:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.11:beta2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.20:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.20:beta7:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.21:*:*:*:*:*:*:* OR 
cpe:/a:opera:opera_browser:7.22:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.23:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.50:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.50:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.51:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.52:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.53:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.54:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.54:update1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.54:update2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:7.60:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.0:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.0:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.0:beta2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.0:beta3:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.01:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.02:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.50:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.51:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.52:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.53:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:8.54:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.0:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.0:beta1:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.0:beta2:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.01:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.02:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.10:*:*:*:*:*:*:* OR cpe:/a:opera:opera_browser:9.12:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration RedHat 6 :cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* Configuration RedHat 7 :cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:* Configuration RedHat 8 
:cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:* Configuration RedHat 9 :cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Configuration CCN 1 :cpe:/a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* AND cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:* OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:* OR cpe:/o:sun:solaris:10::x86:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:* OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:* OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:* Denotes that component is 
vulnerable

Oval Definitions

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:20072022 | V | CVE-2007-2022 | 2015-11-16 |
| oval:org.mitre.oval:def:24920 | V | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet | 2015-08-03 |
| oval:org.mitre.oval:def:21835 | P | ELSA-2007:0494: kdebase security update (Important) | 2014-05-26 |
| oval:org.mitre.oval:def:9332 | V | Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | 2013-04-29 |
| oval:com.redhat.rhsa:def:20070494 | P | RHSA-2007:0494: kdebase security update (Important) | 2007-06-13 |