CVE-2008-1655

Properties

Published:
08.04.2008
Updated:
21.08.2010
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Product:
adobe: flex

Vulnerability description

Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.

References:

CERT: http://www.us-cert.gov/cas/techalerts/TA08-150A.html
CERT: http://www.us-cert.gov/cas/techalerts/TA08-100A.html
XF: http://xforce.iss.net/xforce/xfdb/41807
BID: http://www.securityfocus.com/bid/28697
REDHAT: http://www.redhat.com/support/errata/RHSA-2008-0221.html
CONFIRM: http://www.adobe.com/support/security/bulletins/apsb08-11.html
MISC: http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html#goal_dns
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10724
SECTRACK: http://www.securitytracker.com/id?1019808
OSVDB: http://www.osvdb.org/44283
GENTOO: http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
VUPEN: http://www.frsirt.com/english/advisories/2008/1724/references
VUPEN: http://www.frsirt.com/english/advisories/2008/1697
SUNALERT: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
SECUNIA: http://secunia.com/advisories/30507
SECUNIA: http://secunia.com/advisories/30430
SECUNIA: http://secunia.com/advisories/29865
SECUNIA: http://secunia.com/advisories/29763
SUSE: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
APPLE: http://lists.apple.com/archives/security-announce/2008//May/msg00001.html