CVE Vulnerability

CVE-2007-6245

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.

5.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 4.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://www.adobe.com/support/security/bulletins/apsb07-20.html
http://www.redhat.com/support/errata/RHSA-2007-1126.html
http://www.us-cert.gov/cas/techalerts/TA07-355A.html US Government Resource
http://www.securityfocus.com/bid/26929
http://securitytracker.com/id?1019116
http://secunia.com/advisories/28157
http://secunia.com/advisories/28161
http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
http://secunia.com/advisories/28570
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
http://www.securityfocus.com/bid/26969
http://secunia.com/advisories/28213
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
http://secunia.com/advisories/30507
http://www.vupen.com/english/advisories/2008/1724/references
http://www.vupen.com/english/advisories/2007/4258
https://exchange.xforce.ibmcloud.com/vulnerabilities/39134
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9546
Configurations

Configuration 1

cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*
Information

Published : 2007-12-20 01:46

Updated : 2018-10-30 04:26

NVD link : CVE-2007-6245

Mitre link : CVE-2007-6245

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer