CVE-2008-1834

swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict local file access from untrusted sandboxes, which allows remote attackers to read arbitrary files via a crafted Flash file.
Configurations

Configuration 1

cpe:2.3:a:swfdec:swfdec:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:*:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.90:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.0:*:*:*:*:*:*:*

Information

Published : 2008-04-16 04:05

Updated : 2017-08-08 01:30


NVD link : CVE-2008-1834

Mitre link : CVE-2008-1834

Products Affected
No products.
CWE