| Vulnerability Name: | CVE-2007-6242 (CCN-39128) | ||||||||||||||||||||||||
| Assigned: | 2007-12-17 | ||||||||||||||||||||||||
| Published: | 2007-12-17 | ||||||||||||||||||||||||
| Updated: | 2018-10-26 | ||||||||||||||||||||||||
| Summary: | Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors." | ||||||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-20 | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2007-6242 Source: CCN Type: TPTI-07-21 Adobe Flash Player JPG Processing Heap Overflow Vulnerability Source: SUSE Type: Mailing List, Third Party Advisory SUSE-SA:2007:069 Source: CCN Type: RHSA-2007-1126 Critical: flash-plugin security update Source: SECUNIA Type: Third Party Advisory 28157 Source: CCN Type: SA28161 Adobe Flash Player Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 28161 Source: SECUNIA Type: Third Party Advisory 28213 Source: SECUNIA Type: Third Party Advisory 28570 Source: SECUNIA Type: Third Party Advisory 30507 Source: CCN Type: SECTRACK ID: 1019116 Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code, Scan Ports, and Conduct HTTP Request Splitting and Cross-Site Scripting Attacks Source: SECTRACK Type: Third Party Advisory, VDB Entry 1019116 Source: SUNALERT Type: Broken Link 238305 Source: CCN Type: Sun Alert ID: 238305 Multiple Security Vulnerabilities in Flash Player for Solaris Source: CCN Type: ASA-2008-013 flash-plugin security update (RHSA-2007-1126) Source: CCN Type: ASA-2008-241 Multiple Security Vulnerabilities in Flash Player for Solaris (Sun 238305) Source: CCN Type: NORTEL BULLETIN ID: 2008008954, Rev 1 Nortel Response to Sun Alert 238305 - Multiple Security Vulnerabilities in Flash Player for Solaris 10 Source: CCN Type: Adobe Product Security Bulletin APSB07-20 Flash Player update available to address security vulnerabilities Source: CONFIRM Type: Vendor Advisory http://www.adobe.com/support/security/bulletins/apsb07-20.html Source: CCN Type: GLSA-200801-07 Adobe Flash Player: Multiple vulnerabilities Source: GENTOO Type: Third Party Advisory GLSA-200801-07 Source: REDHAT Type: Third Party Advisory RHSA-2007:1126 Source: BID Type: Third Party Advisory, VDB Entry 26951 Source: CCN Type: BID-26951 Adobe Flash Player JPG Header Remote Heap Based Buffer Overflow Vulnerability Source: CCN Type: TLSA-2008-1 Multiple vulnerabilities exist in flash-player Source: CERT Type: Third Party Advisory, US Government Resource TA07-355A Source: VUPEN Type: Third Party Advisory ADV-2007-4258 Source: VUPEN Type: Third Party Advisory ADV-2008-1724 Source: XF Type: Third Party Advisory, VDB Entry adobe-swf-code-execution(39128) Source: XF Type: UNKNOWN adobe-swf-bo(39128) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:9188 Source: SUSE Type: SUSE-SA:2007:069 flash-player security update | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||