CVE-2007-4324

Sažetak

ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.

Reference

http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://scan.flashsec.org/
http://secunia.com/advisories/28157
http://secunia.com/advisories/28161
http://secunia.com/advisories/28213
http://secunia.com/advisories/28570
http://secunia.com/advisories/30507
http://secunia.com/advisories/32270
http://secunia.com/advisories/32448
http://secunia.com/advisories/32702
http://secunia.com/advisories/32759
http://secunia.com/advisories/33390
http://securityreason.com/securityalert/2995
http://securitytracker.com/id?1019116
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm
http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html
http://www.adobe.com/support/security/bulletins/apsb07-20.html
http://www.adobe.com/support/security/bulletins/apsb08-18.html
http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
http://www.redhat.com/support/errata/RHSA-2007-1126.html
http://www.redhat.com/support/errata/RHSA-2008-0945.html
http://www.redhat.com/support/errata/RHSA-2008-0980.html
http://www.securityfocus.com/archive/1/475961/100/0/threaded
http://www.securityfocus.com/bid/25260
http://www.us-cert.gov/cas/techalerts/TA07-355A.html
http://www.vupen.com/english/advisories/2007/4258
http://www.vupen.com/english/advisories/2008/1724/references
http://www.vupen.com/english/advisories/2008/2838
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11874

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

15-10-2018 - 21:34

Objavljeno

14-08-2007 - 00:17