Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2007:1126
HistoryDec 18, 2007 - 12:00 a.m.

(RHSA-2007:1126) Critical: flash-plugin security update

2007-12-1800:00:00
access.redhat.com
17

0.959 High

EPSS

Percentile

99.5%

JSON

The flash-plugin package contains a Firefox-compatible Adobe Flash Player
Web browser plug-in.

Several input validation flaws were found in the way Flash Player displays
certain content. It may be possible to execute arbitrary code on a victim’s
machine, if the victim opens a malicious Adobe Flash file.
(CVE-2007-4768, CVE-2007-6242, CVE-2007-6246)

A flaw was found in the way Flash Player handled the asfunction: protocol.
Malformed SWF files could perform a cross-site scripting attack.
(CVE-2007-6244)

A flaw was found in the way Flash Player modified HTTP request headers.
Malicious content could allow Flash Player to conduct a HTTP response
splitting attack. (CVE-2007-6245)

A flaw was found in the way Flash Player processes certain SWF content. A
malicious SWF file could allow a remote attacker to conduct a port scanning
attack from the client’s machine. (CVE-2007-4324)

A flaw was found in the way Flash Player establishes TCP sessions. A remote
attacker could use Flash Player to conduct a DNS rebinding attack.
(CVE-2007-5275)

Users of Adobe Flash Player are advised to upgrade to this updated package,
which contains version 9.0.115.0 and resolves these issues.

OSVersionArchitecturePackageVersionFilename
RedHat5i386flash-plugin< 9.0.115.0-1.el5flash-plugin-9.0.115.0-1.el5.i386.rpm

Related

openvas 43
nessus 33
suse 2
gentoo 3
freebsd 3
securityvulns 11
prion 10
nvd 10
cve 10
ubuntucve 8
cvelist 10
checkpoint_advisories 2
jvn 2
cert 2
seebug 4
debiancve 1
redhat 3
osv 1
debian 2
ubuntu 1
fedora 1
openvas
openvas
Gentoo Security Advisory GLSA 200801-07 (netscape-flash)
2008-09-24 00:00:00
SuSE Update for flash-player SUSE-SA:2007:069
2009-01-28 00:00:00
Gentoo Security Advisory GLSA 200801-07 (netscape-flash)
2008-09-24 00:00:00
nessus
nessus
GLSA-200801-07 : Adobe Flash Player: Multiple vulnerabilities
2008-01-21 00:00:00
Flash Player < 7.0.73.0 / 9.0.115.0 Multiple Vulnerabilities (APSB07-20)
2007-12-19 00:00:00
RHEL 3 / 4 / 5 : flash-plugin (RHSA-2007:1126)
2009-08-24 00:00:00
suse
suse
remote code execution in flash-player
2007-12-21 16:24:32
remote code execution in flash-player
2008-04-11 13:28:58
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2008-01-20 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2008-04-18 00:00:00
PCRE: Multiple vulnerabilities
2007-11-20 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2007-12-18 00:00:00
linux-flashplugin -- multiple vulnerabilities
2008-10-15 00:00:00
pcre -- arbitrary code execution
2007-11-05 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2008-01-03 00:00:00
[Full-disclosure] TPTI-07-21: Adobe Flash Player JPG Processing Heap Overflow Vulnerability
2007-12-20 00:00:00
[Full-disclosure] CVE-2007-6244: Adobe Flash Player ActiveX Control Universal Cross-Site Scripting Vulnerability
2007-12-20 00:00:00
prion
prion
Cross site scripting
2007-10-08 23:17:00
Cross site scripting
2009-02-05 01:30:00
Server side request forgery (ssrf)
2007-12-20 01:46:00
nvd
nvd
CVE-2007-5275
2007-10-08 23:17:00
CVE-2008-6062
2009-02-05 01:30:00
CVE-2007-6244
2007-12-20 01:46:00
cve
cve
CVE-2007-5275
2007-10-08 23:17:00
CVE-2008-6062
2009-02-05 01:30:00
CVE-2007-6242
2007-12-20 01:46:00
ubuntucve
ubuntucve
CVE-2007-5275
2007-10-08 00:00:00
CVE-2007-6245
2007-12-20 00:00:00
CVE-2007-6242
2007-12-20 00:00:00
cvelist
cvelist
CVE-2007-5275
2007-10-08 23:00:00
CVE-2008-6062
2009-02-05 01:00:00
CVE-2007-6242
2007-12-20 01:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player ActiveX Control navigateToURL Cross-Site Scripting (CVE-2007-6244)
2010-07-19 00:00:00
Adobe Flash Player JPG Embedded SWF Processing Heap Overflow (CVE-2007-6242)
2009-10-05 00:00:00
jvn
jvn
JVN#50876069 Flash Player allows to send arbitrary HTTP headers
2007-12-20 00:00:00
JVN#45675516 Flash Player vulnerable in handling cross-domain policy files
2007-12-20 00:00:00
cert
cert
Adobe Flash Player asfunction protocol may enable cross-site scripting
2007-12-19 00:00:00
Adobe Flash Player may load arbitrary, malformed cross-domain policy files
2008-03-25 00:00:00
seebug
seebug
Adobe Flash Player ActiveX控件通用跨站脚本漏洞
2007-12-21 00:00:00
Adobe Flash Player JPG头处理远程堆缓冲区溢出漏洞
2007-12-21 00:00:00
Adobe Flash Player ActionScript SecurityErrorEvent绕过安全限制漏洞
2007-12-22 00:00:00
debiancve
debiancve
CVE-2007-4768
2007-11-07 23:46:00
redhat
redhat
(RHSA-2008:0221) Critical: flash-plugin security update
2008-04-08 00:00:00
(RHSA-2008:0945) Critical: flash-plugin security update
2008-10-28 00:00:00
(RHSA-2008:0980) Critical: flash-plugin security update
2008-11-12 00:00:00
osv
osv
pcre3 - arbitrary code execution
2007-11-05 00:00:00
debian
debian
[SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution
2007-11-05 20:22:19
[SECURITY] [DSA 1570-1] New kazehakase packages fix execution of arbitrary code
2008-05-06 18:49:36
ubuntu
ubuntu
PCRE vulnerabilities
2007-11-27 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: pcre-7.3-3.fc7
2008-03-06 16:37:25

0.959 High

EPSS

Percentile

99.5%

JSON
Related for RHSA-2007:1126
openvas43nessus33suse2gentoo3freebsd3securityvulns11prion10nvd10cve10ubuntucve8cvelist10checkpoint_advisories2jvn2cert2seebug4debiancve1redhat3osv1debian2ubuntu1fedora1