CVE-2007-6243 Information

Feb 14, 2021 cve

Description

Adobe Flash Player 9.x up to 9.0.48.0 8.x up to 8.0.35.0 and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.

Reference

http://jvn.jp/jp/JVN2345675516/index.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://secunia.com/advisories/28161 http://secunia.com/advisories/28213 http://secunia.com/advisories/28570 http://secunia.com/advisories/29763 http://secunia.com/advisories/29865 http://secunia.com/advisories/30430 http://secunia.com/advisories/30507 http://secunia.com/advisories/32448 http://secunia.com/advisories/32702 http://secunia.com/advisories/32759 http://secunia.com/advisories/33390 http://securitytracker.com/id?1019116 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid= http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html http://www.adobe.com/support/security/bulletins/apsb07-20.html http://www.adobe.com/support/security/bulletins/apsb08-11.html http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml http://www.kb.cert.org/vuls/id/935737 http://www.redhat.com/support/errata/RHSA-2008-0221.html http://www.redhat.com/support/errata/RHSA-2008-0945.html http://www.redhat.com/support/errata/RHSA-2008-0980.html http://www.securityfocus.com/bid/26929 http://www.securityfocus.com/bid/26966 http://www.us-cert.gov/cas/techalerts/TA07-355A.html http://www.us-cert.gov/cas/techalerts/TA08-100A.html http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2007/4258 http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/advisories/2008/1724/references https://exchange.xforce.ibmcloud.com/vulnerabilities/39129 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11069

Share on: