CVE-2008-3872 — Adobe Flash Player vulnerability

CWE-2644 documents4 sources

Severity

9.3CRITICALNVD

EPSS

2.1%

top 15.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedOct 6

Latest updateMay 2

Description

Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass the allowScriptAccess parameter setting via a crafted SWF file with unspecified "Filter evasion" manipulations.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player8.0 — 8.0.39.0+1

🔴Vulnerability Details

GHSA

GHSA-gm92-x63w-j26f: Adobe Flash Player 8↗2022-05-02

▶

📋Vendor Advisories

Red Hat

security flaw↗2008-04-08

▶

💬Community

Bugzilla

CVE-2008-3872 security flaw↗2018-08-16

▶