Описание
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-6243
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39129
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11069
- http://jvn.jp/jp/JVN%2345675516/index.html
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
- http://secunia.com/advisories/28161
- http://secunia.com/advisories/28213
- http://secunia.com/advisories/28570
- http://secunia.com/advisories/29763
- http://secunia.com/advisories/29865
- http://secunia.com/advisories/30430
- http://secunia.com/advisories/30507
- http://secunia.com/advisories/32448
- http://secunia.com/advisories/32702
- http://secunia.com/advisories/32759
- http://secunia.com/advisories/33390
- http://securitytracker.com/id?1019116
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
- http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm
- http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
- http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html
- http://www.adobe.com/support/security/bulletins/apsb07-20.html
- http://www.adobe.com/support/security/bulletins/apsb08-11.html
- http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
- http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
- http://www.kb.cert.org/vuls/id/935737
- http://www.redhat.com/support/errata/RHSA-2008-0221.html
- http://www.redhat.com/support/errata/RHSA-2008-0945.html
- http://www.redhat.com/support/errata/RHSA-2008-0980.html
- http://www.securityfocus.com/bid/26929
- http://www.securityfocus.com/bid/26966
- http://www.us-cert.gov/cas/techalerts/TA07-355A.html
- http://www.us-cert.gov/cas/techalerts/TA08-100A.html
- http://www.us-cert.gov/cas/techalerts/TA08-150A.html
- http://www.vupen.com/english/advisories/2007/4258
- http://www.vupen.com/english/advisories/2008/1697
- http://www.vupen.com/english/advisories/2008/1724/references
EPSS
CVE ID
Связанные уязвимости
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up ...
EPSS