Vulnerability Name:

CVE-2007-6148 (CCN-40470)

Assigned:2007-11-27
Published:2008-02-12
Updated:2011-03-08
Summary:Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type:CWE-399
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-6148

Source: IDEFENSE
Type: UNKNOWN
20080212 Adobe Flash Media Server 2 Memory Corruption Vulnerability

Source: CCN
Type: SA28946
Adobe Flash Media Server Edge Server Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
28946

Source: CCN
Type: SA28947
Adobe Connect Enterprise Server Flash Media Server Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
28947

Source: CCN
Type: SECTRACK ID: 1019398
Adobe Flash Media Server RTMP Memory Corruption Error Lets Remote Users Execute Arbitrary Code

Source: CCN
Type: Adobe Product Security Bulletin APSB08-03
Update available to address Flash Media Server security issues

Source: CONFIRM
Type: UNKNOWN
http://www.adobe.com/support/security/bulletins/apsb08-03.html

Source: CCN
Type: Adobe Product Security Bulletin APSB08-04
Update available to address Adobe Connect Enterprise Server security issues

Source: CONFIRM
Type: Patch
http://www.adobe.com/support/security/bulletins/apsb08-04.html

Source: CCN
Type: OSVDB ID: 41538
Adobe Flash Media / Connect Enterprise Edge Server Crafted Real Time Message Protocol (RTMP) Requests Remote Code Execution

Source: CCN
Type: OSVDB ID: 41540
Adobe Flash Media / Connect Enterprise Server Unspecified Remote Privilege Escalation

Source: BID
Type: UNKNOWN
27762

Source: CCN
Type: BID-27762
Adobe Flash Media Server and Connect Enterprise Server Multiple Remote Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1019398

Source: VUPEN
Type: UNKNOWN
ADV-2008-0538

Source: VUPEN
Type: UNKNOWN
ADV-2008-0539

Source: XF
Type: UNKNOWN
adobe-connect-edge-code-execution(40470)

Source: CCN
Type: iDefense Labs PUBLIC ADVISORY: 02.12.08
Adobe Flash Media Server 2 Memory Corruption Vulnerability

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:adobe:connect_enterprise_server:*:sp2:*:*:*:*:*:* (Version <= 6)
  • OR cpe:/a:adobe:flash_media_server_2:*:*:*:*:*:*:*:* (Version <= 2.0.4)

Configuration CCN 1:
  • cpe:/a:adobe:connect_enterprise_server:6:*:*:*:*:*:*:*
  • OR cpe:/a:adobe:flash_media_server:2.0.4:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    adobe connect enterprise server * sp2
    adobe flash media server 2 *
    adobe connect enterprise server 6
    adobe flash media server 2.0.4