CVE-2008-5109

Sažetak

The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software.

Reference

http://secunia.com/advisories/32771
http://www.adobe.com/support/security/advisories/apsa08-11.html
http://www.osvdb.org/49952

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

26-11-2008 - 05:00

Objavljeno

25-11-2008 - 23:30