exploitDog

CVE-2008-5109

Опубликовано: 25 нояб. 2008

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software.

Ссылки

http://secunia.com/advisories/32771
Vendor Advisory
http://www.adobe.com/support/security/advisories/apsa08-11.html
Patch
Vendor Advisory
http://www.osvdb.org/49952
http://secunia.com/advisories/32771
Vendor Advisory
http://www.adobe.com/support/security/advisories/apsa08-11.html
Patch
Vendor Advisory
http://www.osvdb.org/49952

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:flash_media_server:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_media_server:3.5:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01504

Низкий

5 Medium

CVSS2

Дефекты

CWE-16

Связанные уязвимости

GHSA-x9v6-pr54-q32q

github

больше 3 лет назад

The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software.

EPSS

Процентиль: 81%

0.01504

Низкий

5 Medium

CVSS2

Дефекты

CWE-16