10
CVSSv2

CVE-2008-4401

Published: 17/10/2008 Updated: 30/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

ActionScript in Adobe Flash Player 9.0.124.0 and previous versions does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote malicious users to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash player 8.0.24.0

adobe flash player

adobe flash player 7.1.1

adobe flash player 7.0.63

adobe flash player 7.0.70.0

adobe flash player 8.0.35.0

adobe flash player 9.0.114.0

adobe flash player 9.0.112.0

adobe flash player 7.0.69.0

adobe flash player 7.0

adobe flash player 7.2

adobe flash player 7.0 r67

adobe flash player 9.0.115.0

adobe flash player 7.0.25

adobe flash player 8.0

adobe flash player 8.0.39.0

adobe flash player 8.0.34.0

adobe flash player 7.1

adobe flash player 7.0.1

adobe flash player 9.0

Vendor Advisories

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 3 and 4 ExtrasThis update has been rated as having critical security impact by the RedHat Sec ...
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 5 SupplementaryThis update has been rated as having critical security impact by the RedHat Se ...