CVE-2007-6242
published 2007-12-20CVE-2007-6242: Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to…
PriorityP344medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
30.06%
98.0th percentile
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | 9.0.16.0 – 9.0.48.0 | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m227-w3jm-cmgq: Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash
ghsa_unreviewed·2022-05-14·CVSS 6.8
CVE-2008-6062 [MEDIUM] CWE-79 GHSA-m227-w3jm-cmgq: Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash
Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637.
GHSA
GHSA-9www-c4ch-pp3w: Unspecified vulnerability in Adobe Flash Player 9
ghsa_unreviewed·2022-05-01
CVE-2007-6242 [MEDIUM] CWE-20 GHSA-9www-c4ch-pp3w: Unspecified vulnerability in Adobe Flash Player 9
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
Red Hat
flash: abitrary code execution
vendor_redhat·2007-12-17·CVSS 6.8
CVE-2007-6242 [MEDIUM] flash: abitrary code execution
flash: abitrary code execution
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.htmlhttp://secunia.com/advisories/28157http://secunia.com/advisories/28161http://secunia.com/advisories/28213http://secunia.com/advisories/28570http://secunia.com/advisories/30507http://securitytracker.com/id?1019116http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1http://www.adobe.com/support/security/bulletins/apsb07-20.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200801-07.xmlhttp://www.redhat.com/support/errata/RHSA-2007-1126.htmlhttp://www.securityfocus.com/bid/26951http://www.us-cert.gov/cas/techalerts/TA07-355A.htmlhttp://www.vupen.com/english/advisories/2007/4258http://www.vupen.com/english/advisories/2008/1724/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/39128https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9188http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.htmlhttp://secunia.com/advisories/28157http://secunia.com/advisories/28161http://secunia.com/advisories/28213http://secunia.com/advisories/28570http://secunia.com/advisories/30507http://securitytracker.com/id?1019116http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1http://www.adobe.com/support/security/bulletins/apsb07-20.htmlhttp://www.gentoo.org/security/en/glsa/glsa-200801-07.xmlhttp://www.redhat.com/support/errata/RHSA-2007-1126.htmlhttp://www.securityfocus.com/bid/26951http://www.us-cert.gov/cas/techalerts/TA07-355A.htmlhttp://www.vupen.com/english/advisories/2007/4258http://www.vupen.com/english/advisories/2008/1724/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/39128https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9188
2007-12-20
Published