CVE-2007-6244 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-6244
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6244

Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39130 http://xforce.iss.net/xforce/xfdb/39131 SUSE http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 ST 1019116 SAID Secunia Advisory: SA28213 Secunia Advisory: SA28570 Secunia Advisory: SA28161 Secunia Advisory: SA28157 Secunia Advisory: SA30507 REDHAT http://www.redhat.com/support/errata/RHSA-2007-1126.html MISC http://crypto.stanford.edu/advisories/CVE-2007-6244/ GENTOO http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml CONFIRM http://www.adobe.com/support/security/bulletins/apsb07-20.html CERT-VN 758769 CERT http://www.us-cert.gov/cas/techalerts/TA07-355A.html BID 26929 26949 26960

Return to the previous page.