CVE-2008-4824 — Improper Input Validation in Adobe Flash Player

CWE-20 — Improper Input Validation4 documents4 sources

Severity

9.3CRITICALNVD

EPSS

49.0%

top 2.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedNov 17

Latest updateMay 14

Description

Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player9.0.16.0 — 9.0.151.0+1

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-3qjf-w8wq-4wwh: Multiple unspecified vulnerabilities in Adobe Flash Player 10↗2022-05-14

▶

📋Vendor Advisories

Red Hat

security flaw↗2008-11-17

▶

💬Community

Bugzilla

CVE-2008-4824 security flaw↗2018-08-16

▶