Vulnerability Name: CVE-2007-4324 (CCN-36079)
Assigned: 2007-08-09
Published: 2007-08-09
Updated: 2018-10-15
Summary: ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not.
Note: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.

CVSS v3 Severity:
3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): High; Privileges Required (PR): None; User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low; Integrity (I): None; Availability (A): None

CVSS v2 Severity:
5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial; Integrity (I): None; Availability (A): None

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.1 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): High; Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial; Integrity (I): None; Availability (A): None

Vulnerability Type: CWE-264
Vulnerability Consequences: Obtain Information

References:
Source: CCN Type: BugTraq Mailing List, Thu Aug 09 2007 - 13:21:41 CDT Design flaw in AS3 socket handling allows port probing
Source: MITRE Type: CNA CVE-2007-4324
Source: CONFIRM Type: UNKNOWN http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2
Source: SUSE Type: UNKNOWN SUSE-SA:2007:069
Source: SUSE Type: UNKNOWN SUSE-SR:2008:025
Source: CCN Type: RHSA-2007-1126 Critical: flash-plugin security update
Source: CCN Type: RHSA-2008-0945 Important: flash-plugin security update
Source: CCN Type: RHSA-2008-0980 Important: flash-plugin security update
Source: MISC Type: UNKNOWN http://scan.flashsec.org/
Source: SECUNIA Type: Vendor Advisory 28157
Source: CCN Type: SA28161 Adobe Flash Player Multiple Vulnerabilities
Source: SECUNIA Type: Vendor Advisory 28161
Source: SECUNIA Type: UNKNOWN 28213
Source: SECUNIA Type: UNKNOWN 28570
Source: SECUNIA Type: UNKNOWN 30507
Source: CCN Type: SA32270 Adobe Flash Player Multiple Security Issues
Source: SECUNIA Type: UNKNOWN 32270
Source: SECUNIA Type: UNKNOWN 32448
Source: SECUNIA Type: UNKNOWN 32702
Source: SECUNIA Type: UNKNOWN 32759
Source: SECUNIA Type: UNKNOWN 33390
Source: SREASON Type: UNKNOWN 2995
Source: CCN Type: SECTRACK ID: 1019116 Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code, Scan Ports, and Conduct HTTP Request Splitting and Cross-Site Scripting Attacks
Source: SECTRACK Type: UNKNOWN 1019116
Source: SUNALERT Type: UNKNOWN 238305
Source: SUNALERT Type: UNKNOWN 248586
Source: CCN Type: Sun Alert ID: 238305 Multiple Security Vulnerabilities in Flash Player for Solaris
Source: CCN Type: Sun Alert ID: 248586 Multiple Security Vulnerabilities in the Flash Player Plugin for Solaris
Source: CCN Type: ASA-2008-013 flash-plugin security update (RHSA-2007-1126)
Source: CCN Type: ASA-2008-241 Multiple Security Vulnerabilities in Flash Player for Solaris (Sun 238305)
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm
Source: CCN Type: ASA-2008-440 flash-plugin security update (RHSA-2008-0980)
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
Source: CCN Type: ASA-2009-020 Multiple Security Vulnerabilities in the Flash Player Plugin for Solaris (Sun 248586)
Source: CCN Type: NORTEL BULLETIN ID: 2009009312, Rev 1 Nortel Response to Sun Alert 248586 - Multiple Security Vulnerabilities in the Flash Player Plugin for Solaris
Source: CONFIRM Type: UNKNOWN http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
Source: CCN Type: NORTEL BULLETIN ID: 2008008954, Rev 1 Nortel Response to Sun Alert 238305 - Multiple Security Vulnerabilities in Flash Player for Solaris 10
Source: CCN Type: Adobe Web site Adobe
Source: CONFIRM Type: UNKNOWN http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html
Source: CCN Type: Adobe Product Security Bulletin APSB07-20 Flash Player update available to address security vulnerabilities
Source: CONFIRM Type: UNKNOWN http://www.adobe.com/support/security/bulletins/apsb07-20.html
Source: CCN Type: Adobe Product Security Bulletin APSB08-18 Flash Player update available to address security vulnerabilities
Source: CONFIRM Type: UNKNOWN http://www.adobe.com/support/security/bulletins/apsb08-18.html
Source: CCN Type: GLSA-200801-07 Adobe Flash Player: Multiple vulnerabilities
Source: GENTOO Type: UNKNOWN GLSA-200801-07
Source: REDHAT Type: UNKNOWN RHSA-2007:1126
Source: REDHAT Type: UNKNOWN RHSA-2008:0945
Source: REDHAT Type: UNKNOWN RHSA-2008:0980
Source: BUGTRAQ Type: UNKNOWN 20070809 Design flaw in AS3 socket handling allows port probing
Source: BID Type: UNKNOWN 25260
Source: CCN Type: BID-25260 Adobe ActionScript SecurityErrorEvent Security Bypass Vulnerability
Source: CCN Type: TLSA-2008-1 Multiple vulnerabilities exist in flash-player
Source: CERT Type: US Government Resource TA07-355A
Source: VUPEN Type: UNKNOWN ADV-2007-4258
Source: VUPEN Type: UNKNOWN ADV-2008-1724
Source: VUPEN Type: UNKNOWN ADV-2008-2838
Source: XF Type: UNKNOWN flash-swf-information-disclosure(36079)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11874
Source: SUSE Type: SUSE-SA:2007:069 flash-player security update
Source: SUSE Type: SUSE-SR:2008:025 SUSE Security Summary Report

Vulnerable Configuration:
Configuration 1: cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version <= 9.0.114.0)
Configuration RedHat 1: cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*
Configuration RedHat 2: cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*
Configuration RedHat 3: cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*
Configuration RedHat 4: cpe:/a:redhat:rhel_extras:4.5.z:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/a:adobe:flash_player_for_linux:9.0.115.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.28:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.31:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.16:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.20:*:*:*:*:*:*:* OR
cpe:/a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
AND
cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR
cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:* OR
cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:* OR
cpe:/o:sun:solaris:10::sparc:*:*:*:*:* OR
cpe:/o:sun:solaris:10::x86:*:*:*:*:* OR
cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:* OR
cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* OR
cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:* OR
cpe:/a:redhat:rhel_extras:4.5.z:*:*:*:*:*:*:* OR
cpe:/a:apple:mac_os_runtime_for_java:2.2.4:*:*:*:*:*:*:* OR
cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:* OR
cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_89::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_89::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_95::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_95::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_88::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_88::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_87::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_86::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_86::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_87::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_100::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_100::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_102::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_102::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_91::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_91::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_90::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_90::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_101::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_101::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_92::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_93::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_94::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_99::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_98::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_97::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_96::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_94::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_93::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_99::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_97::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_98::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_96::x86:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_103::sparc:*:*:*:*:* OR
cpe:/o:sun:opensolaris:build_snv_103::x86:*:*:*:*:*

Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20074324 | V | CVE-2007-4324 | 2015-11-16
oval:org.mitre.oval:def:24854 | V | ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not | 2015-08-03
oval:org.mitre.oval:def:22730 | P | ELSA-2008:0945: flash-plugin security update (Critical) | 2014-05-26
oval:org.mitre.oval:def:22648 | P | ELSA-2007:1126: flash-plugin security update (Critical) | 2014-05-26
oval:org.mitre.oval:def:11874 | V | ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability. | 2010-09-06
oval:com.redhat.rhsa:def:20080945 | P | RHSA-2008:0945: flash-plugin security update (Critical) | 2008-11-18
oval:com.redhat.rhsa:def:20071126 | P | RHSA-2007:1126: flash-plugin security update (Critical) | 2007-12-18
adobe flash player *
adobe flash player for linux 9.0.115.0
adobe flash player 9.0.28
adobe flash player 9.0.31
adobe flash player 9.0.45.0
adobe flash player 9.0.47.0
adobe flash player 9.0.48.0
adobe flash player 9.0.16
adobe flash player 9.0.18d60
adobe flash player 9.0.20.0
adobe flash player 9.0.28.0
adobe flash player 9.0.31.0
adobe flash player 9.0.114.0
adobe flash player 9.0.20
adobe flash player 9.0.124.0
gentoo linux *
suse suse linux 9.0
novell linux desktop 9
sun solaris 10
sun solaris 10
redhat rhel extras 3
redhat rhel extras 4
turbolinux turbolinux fuji
redhat rhel extras 4.5.z
apple mac os runtime for java 2.2.4
novell opensuse 10.2
novell opensuse 10.3
sun opensolaris build_snv_89
sun opensolaris build_snv_89
sun opensolaris build_snv_95
sun opensolaris build_snv_95
sun opensolaris build_snv_88
sun opensolaris build_snv_88
sun opensolaris build_snv_87
sun opensolaris build_snv_86
sun opensolaris build_snv_86
sun opensolaris build_snv_87
sun opensolaris build_snv_100
sun opensolaris build_snv_100
sun opensolaris build_snv_102
sun opensolaris build_snv_102
sun opensolaris build_snv_91
sun opensolaris build_snv_91
sun opensolaris build_snv_90
sun opensolaris build_snv_90
sun opensolaris build_snv_101
sun opensolaris build_snv_101
sun opensolaris build_snv_92
sun opensolaris build_snv_93
sun opensolaris build_snv_94
sun opensolaris build_snv_99
sun opensolaris build_snv_98
sun opensolaris build_snv_97
sun opensolaris build_snv_96
sun opensolaris build_snv_94
sun opensolaris build_snv_93
sun opensolaris build_snv_99
sun opensolaris build_snv_97
sun opensolaris build_snv_98
sun opensolaris build_snv_96
sun opensolaris build_snv_103
sun opensolaris build_snv_103