CVE-2008-3872

Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass the allowScriptAccess parameter setting via a crafted SWF file with unspecified "Filter evasion" manipulations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
adobeflash_player
8.0 ≤
𝑥
≤ 8.0.39.0
adobeflash_player
9.0 ≤
𝑥
≤ 9.0.115.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
flashplugin-nonfree
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
not-affected
feisty
ignored
dapper
ignored
Common Weakness Enumeration
References
http://taviso.decsystem.org/research.html
http://www.adobe.com/support/security/bulletins/apsb08-11.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45713
http://taviso.decsystem.org/research.html
http://www.adobe.com/support/security/bulletins/apsb08-11.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45713