Adobe Connect Enterprise Server vulnerabilities

CVE-2007-6431 [CRITICAL] CVE-2007-6431: Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.

CVE-2007-6149 [CRITICAL] CWE-189 CVE-2007-6149: Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connec Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol (RTMP) message with a crafted integer field that is used for allocation.

CVE-2007-6148 [CRITICAL] CWE-399 CVE-2007-6148: Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Conn Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.

CVE-2007-4651 [MEDIUM] CWE-264 CVE-2007-4651: Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows remote attackers to read certa Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows remote attackers to read certain pages that are restricted to the administrator via unknown vectors.