CVE-2007-4324

Severity

50%

Complexity

99%

Confidentiality

48%

ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.

ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N).

Overview

First reported 17 years ago

2007-08-14 00:17:00

Last updated 6 years ago

2018-10-15 21:34:00

Affected Software

アドビシステムズ フラッシュプレーヤー

References

http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2

SUSE-SA:2007:069

SUSE-SR:2008:025

http://scan.flashsec.org/

28157

Vendor Advisory

28161

Vendor Advisory

28213

28570

30507

32270

32448

32702

32759

33390

2995

1019116

238305

248586

http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm

http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html

http://www.adobe.com/support/security/bulletins/apsb07-20.html

http://www.adobe.com/support/security/bulletins/apsb08-18.html

GLSA-200801-07

RHSA-2007:1126

RHSA-2008:0945

RHSA-2008:0980

20070809 Design flaw in AS3 socket handling allows port probing

25260

TA07-355A

US Government Resource

ADV-2007-4258

ADV-2008-1724

ADV-2008-2838

oval:org.mitre.oval:def:11874

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.