Lucene search

K

MitreCVELIST:CVE-2008-4401

HistoryOct 17, 2008 - 6:00 p.m.

CVE-2008-4401

2008-10-1718:00:00

mitre

www.cve.org

5

AI Score

6.8

Confidence

Low

EPSS

0.033

Percentile

91.3%

ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote attackers to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.

References

lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

secunia.com/advisories/32270

secunia.com/advisories/32448

secunia.com/advisories/32702

secunia.com/advisories/32759

secunia.com/advisories/33390

secunia.com/advisories/34226

security.gentoo.org/glsa/glsa-200903-23.xml

securitytracker.com/id?1021061

sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1

support.avaya.com/elmodocs2/security/ASA-2008-440.htm

support.avaya.com/elmodocs2/security/ASA-2009-020.htm

www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html

www.adobe.com/support/security/bulletins/apsb08-18.html

www.redhat.com/support/errata/RHSA-2008-0945.html

www.redhat.com/support/errata/RHSA-2008-0980.html

www.vupen.com/english/advisories/2008/2838

exchange.xforce.ibmcloud.com/vulnerabilities/45913

AI Score

6.8

Confidence

Low

EPSS

0.033

Percentile

91.3%

Related for CVELIST:CVE-2008-4401

nvd1 ubuntucve1 seebug1 prion1 cve1 openvas8 freebsd1 nessus11 redhat2 gentoo1