Lucene search

MitreCVE-2008-1201

HistoryMar 24, 2008 - 5:44 p.m.

CVE-2008-1201

2008-03-2417:44:00

CWE-94

mitre

web.nvd.nist.gov

cve-2008-1201

adobe flash

windows

remote code execution

fla file parsing

security vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.093

Percentile

94.8%

JSON

Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 on Windows allow user-assisted remote attackers to execute arbitrary code via a crafted .FLA file.

Affected configurations

Nvd

Node

adobeflashMatchbasic8

adobeflashMatchprofessional8

adobeflashMatchprofessionalcs3

VendorProductVersionCPE
adobeflashbasiccpe:2.3:a:adobe:flash:basic:8:*:*:*:*:*:*
adobeflashprofessionalcpe:2.3:a:adobe:flash:professional:8:*:*:*:*:*:*
adobeflashprofessionalcpe:2.3:a:adobe:flash:professional:cs3:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	flash	basic	cpe:2.3:a:adobe:flash:basic:8::::::
adobe	flash	professional	cpe:2.3:a:adobe:flash:professional:8::::::
adobe	flash	professional	cpe:2.3:a:adobe:flash:professional:cs3::::::

References

ruder.cdut.net/blogview.asp?logID=241

secunia.com/advisories/29455

www.adobe.com/support/security/advisories/apsa08-03.html

www.fortiguardcenter.com/advisory/FGA-2008-07.html

www.securityfocus.com/bid/28349

www.securitytracker.com/id?1019681

www.vupen.com/english/advisories/2008/0948/references

exchange.xforce.ibmcloud.com/vulnerabilities/41327

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.093

Percentile

94.8%

JSON

Related for CVE-2008-1201