CVE-2008-1834

EUVD-2008-1834
swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict local file access from untrusted sandboxes, which allows remote attackers to read arbitrary files via a crafted Flash file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
swfdecswfdec
𝑥
≤ 0.6.2
swfdecswfdec
0.4.0
swfdecswfdec
0.4.1
swfdecswfdec
0.4.2
swfdecswfdec
0.4.3
swfdecswfdec
0.4.4
swfdecswfdec
0.4.5
swfdecswfdec
0.5.0
swfdecswfdec
0.5.1
swfdecswfdec
0.5.2
swfdecswfdec
0.5.3
swfdecswfdec
0.5.4
swfdecswfdec
0.5.5
swfdecswfdec
0.5.90
swfdecswfdec
0.6.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
swfdec0.5
dapper
dne
feisty
dne
gutsy
ignored
hardy
ignored
intrepid
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
swfdec0.6
dapper
dne
feisty
dne
gutsy
dne
hardy
not-affected
intrepid
not-affected
jaunty
not-affected
karmic
not-affected
lucid
dne
maverick
dne
natty
dne
oneiric
dne
Common Weakness Enumeration
References
http://gitweb.freedesktop.org/?p=swfdec/swfdec.git%3Ba=commit%3Bh=326ee4ff631ecc11605f1251e1923a94561a3823
http://lists.freedesktop.org/archives/swfdec/2008-April/001321.html
http://secunia.com/advisories/29915
http://www.securityfocus.com/bid/28881
https://exchange.xforce.ibmcloud.com/vulnerabilities/41887
http://gitweb.freedesktop.org/?p=swfdec/swfdec.git%3Ba=commit%3Bh=326ee4ff631ecc11605f1251e1923a94561a3823
http://lists.freedesktop.org/archives/swfdec/2008-April/001321.html
http://secunia.com/advisories/29915
http://www.securityfocus.com/bid/28881
https://exchange.xforce.ibmcloud.com/vulnerabilities/41887