ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11874
http://www.vupen.com/english/advisories/2008/2838
http://www.vupen.com/english/advisories/2008/1724/references
http://www.vupen.com/english/advisories/2007/4258
http://www.us-cert.gov/cas/techalerts/TA07-355A.html
http://www.securityfocus.com/bid/25260
http://www.securityfocus.com/archive/1/475961/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2008-0980.html
http://www.redhat.com/support/errata/RHSA-2008-0945.html
http://www.redhat.com/support/errata/RHSA-2007-1126.html
http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
http://www.adobe.com/support/security/bulletins/apsb08-18.html
http://www.adobe.com/support/security/bulletins/apsb07-20.html
http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm
http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
http://securitytracker.com/id?1019116
http://securityreason.com/securityalert/2995
http://secunia.com/advisories/33390
http://secunia.com/advisories/32759
http://secunia.com/advisories/32702
http://secunia.com/advisories/32448
http://secunia.com/advisories/32270
http://secunia.com/advisories/30507
http://secunia.com/advisories/28570
http://secunia.com/advisories/28213
http://secunia.com/advisories/28161
http://secunia.com/advisories/28157
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2