CVE-2008-1655

critical

Description

Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10724

https://exchange.xforce.ibmcloud.com/vulnerabilities/41807

http://www.vupen.com/english/advisories/2008/1724/references

http://www.vupen.com/english/advisories/2008/1697

http://www.us-cert.gov/cas/techalerts/TA08-150A.html

http://www.us-cert.gov/cas/techalerts/TA08-100A.html

http://www.securitytracker.com/id?1019808

http://www.securityfocus.com/bid/28697

http://www.redhat.com/support/errata/RHSA-2008-0221.html

http://www.osvdb.org/44283

http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml

http://www.adobe.com/support/security/bulletins/apsb08-11.html

http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html#goal_dns

http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1

http://secunia.com/advisories/30507

http://secunia.com/advisories/30430

http://secunia.com/advisories/29865

http://secunia.com/advisories/29763

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html

http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

Details

Source: Mitre, NVD

Published: 2008-04-09

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

Detections

Analytics