Lucene search

[email protected]NVD:CVE-2007-3457

HistoryJul 11, 2007 - 4:30 p.m.

CVE-2007-3457

2007-07-1116:30:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.

Affected configurations

Nvd

Node

adobeflash_playerRange≤8.0.34.0

VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::

References

secunia.com/advisories/26027

secunia.com/advisories/26118

secunia.com/advisories/26357

secunia.com/advisories/28068

sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1

www.adobe.com/support/security/bulletins/apsb07-12.html

www.gentoo.org/security/en/glsa/glsa-200708-01.xml

www.kb.cert.org/vuls/id/138457

www.novell.com/linux/security/advisories/2007_46_flashplayer.html

www.osvdb.org/38049

www.securitytracker.com/id?1018359

www.us-cert.gov/cas/techalerts/TA07-192A.html

www.vupen.com/english/advisories/2007/2497

www.vupen.com/english/advisories/2007/4190

exchange.xforce.ibmcloud.com/vulnerabilities/35338

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

Related for NVD:CVE-2007-3457

jvn1 ubuntucve1 prion1 cvelist1 cert1 cve1 nessus5 securityvulns1 openvas5 freebsd1 suse1 gentoo1