CVE-2008-3872

EUVD-2008-3858
Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass the allowScriptAccess parameter setting via a crafted SWF file with unspecified "Filter evasion" manipulations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
adobeflash_player
8.0 ≤
𝑥
≤ 8.0.39.0
adobeflash_player
9.0 ≤
𝑥
≤ 9.0.115.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
flashplugin-nonfree
dapper
ignored
feisty
ignored
gutsy
not-affected
hardy
not-affected
intrepid
not-affected
jaunty
not-affected
karmic
not-affected
Common Weakness Enumeration
References
http://taviso.decsystem.org/research.html
http://www.adobe.com/support/security/bulletins/apsb08-11.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45713
http://taviso.decsystem.org/research.html
http://www.adobe.com/support/security/bulletins/apsb08-11.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45713