CVE-2007-6148

CWE-3993 documents3 sources

Severity

10.0CRITICAL

EPSS

23.8%

top 3.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Connect Enterprise Server Adobe Flash Media Server 2

Timeline

PublishedFeb 13

Latest updateMay 1

Description

Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/connect_enterprise_server6

▶NVDadobe/flash_media2.0.4

Patches

Patch: secunia.com ↗Patch: www.adobe.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-7v7w-3hh3-rxmv: Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2↗2022-05-01

▶

CVEList

CVE-2007-6148: Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2↗2008-02-13

▶