CVE-2008-4503 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-4503
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-4503

Description: The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/45721 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 ST 1020996 SAID Secunia Advisory: SA32702 Secunia Advisory: SA33390 Secunia Advisory: SA34226 Secunia Advisory: SA32163 Secunia Advisory: SA32448 Secunia Advisory: SA32759 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0945.html http://www.redhat.com/support/errata/RHSA-2008-0980.html MISC http://ha.ckers.org/blog/20081007/clickjacking-details/ http://blog.guya.net/2008/10/07/malicious-camera-spying-using-clickjacking/ GENTOO http://security.gentoo.org/glsa/glsa-200903-23.xml CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm http://www.adobe.com/support/security/advisories/apsa08-08.html http://www.adobe.com/support/security/bulletins/apsb08-18.html BID 31625

Return to the previous page.