Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for flex_sdk by adobe
CVE-2011-2461 (GCVE-0-2011-2461)
Vulnerability from nvd – Published: 2011-12-01 11:00 – Updated: 2024-08-06 23:00
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://threatpost.com/adobe-cve-2011-2461-remain… | x_refsource_MISC |
| http://www.adobe.com/support/security/bulletins/a… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/131376/Magen… | x_refsource_MISC |
| http://secunia.com/advisories/47053 | third-party-advisoryx_refsource_SECUNIA |
| http://blog.mindedsecurity.com/2015/03/the-old-is… | x_refsource_MISC |
| http://kb2.adobe.com/cps/915/cpsid_91544.html | x_refsource_CONFIRM |
| http://blog.nibblesec.org/2015/03/the-old-is-new-… | x_refsource_MISC |
Date Public
2011-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-25.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html"
},
{
"name": "47053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb2.adobe.com/cps/915/cpsid_91544.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-08T15:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-25.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html"
},
{
"name": "47053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb2.adobe.com/cps/915/cpsid_91544.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754",
"refsource": "MISC",
"url": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-25.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-25.html"
},
{
"name": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html"
},
{
"name": "47053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47053"
},
{
"name": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html",
"refsource": "MISC",
"url": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
},
{
"name": "http://kb2.adobe.com/cps/915/cpsid_91544.html",
"refsource": "CONFIRM",
"url": "http://kb2.adobe.com/cps/915/cpsid_91544.html"
},
{
"name": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html",
"refsource": "MISC",
"url": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-2461",
"datePublished": "2011-12-01T11:00:00.000Z",
"dateReserved": "2011-06-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:33.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1879 (GCVE-0-2009-1879)
Vulnerability from nvd – Published: 2009-08-21 17:00 – Updated: 2024-08-07 05:27
VLAI
Summary
Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1022748 | vdb-entryx_refsource_SECTRACK |
| http://www.adobe.com/support/security/bulletins/a… | x_refsource_CONFIRM |
| http://www.gdssecurity.com/l/b/2009/08/20/adobe-f… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/505948/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/36374 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-08-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022748"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/"
},
{
"name": "20090819 Adobe Flex 3.3 SDK DOM-Based XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/505948/100/0/threaded"
},
{
"name": "36374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36374"
},
{
"name": "flex-indextemplate-xss(52608)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52608"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022748"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/"
},
{
"name": "20090819 Adobe Flex 3.3 SDK DOM-Based XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/505948/100/0/threaded"
},
{
"name": "36374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36374"
},
{
"name": "flex-indextemplate-xss(52608)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52608"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022748",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022748"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-13.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"name": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/",
"refsource": "MISC",
"url": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/"
},
{
"name": "20090819 Adobe Flex 3.3 SDK DOM-Based XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505948/100/0/threaded"
},
{
"name": "36374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36374"
},
{
"name": "flex-indextemplate-xss(52608)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52608"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1879",
"datePublished": "2009-08-21T17:00:00.000Z",
"dateReserved": "2009-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:27:54.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3311 (GCVE-0-2006-3311)
Vulnerability from nvd – Published: 2006-09-12 23:00 – Updated: 2024-08-07 18:23
VLAI
Summary
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
26 references
Date Public
2006-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:21.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3573"
},
{
"name": "22054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22054"
},
{
"name": "TA06-318A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
},
{
"name": "22268",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22268"
},
{
"name": "ADV-2006-4507",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4507"
},
{
"name": "VU#451380",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/451380"
},
{
"name": "19980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19980"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerterrorism.com/research/ct12-09-2006.htm"
},
{
"name": "22187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22187"
},
{
"name": "ADV-2006-3852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name": "22882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22882"
},
{
"name": "21865",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21865"
},
{
"name": "flashplayer-swf-string-bo(28886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28886"
},
{
"name": "APPLE-SA-2006-09-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:394",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394"
},
{
"name": "1546",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1546"
},
{
"name": "20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/445825/100/0/threaded"
},
{
"name": "SUSE-SA:2006:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html"
},
{
"name": "1016829",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016829"
},
{
"name": "21901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb06-11.html"
},
{
"name": "RHSA-2006:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0674.html"
},
{
"name": "ADV-2006-3577",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3577"
},
{
"name": "TA06-275A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "MS06-069",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069"
},
{
"name": "GLSA-200610-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200610-02.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3573"
},
{
"name": "22054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22054"
},
{
"name": "TA06-318A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
},
{
"name": "22268",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22268"
},
{
"name": "ADV-2006-4507",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4507"
},
{
"name": "VU#451380",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/451380"
},
{
"name": "19980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19980"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerterrorism.com/research/ct12-09-2006.htm"
},
{
"name": "22187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22187"
},
{
"name": "ADV-2006-3852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name": "22882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22882"
},
{
"name": "21865",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21865"
},
{
"name": "flashplayer-swf-string-bo(28886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28886"
},
{
"name": "APPLE-SA-2006-09-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:394",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394"
},
{
"name": "1546",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1546"
},
{
"name": "20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/445825/100/0/threaded"
},
{
"name": "SUSE-SA:2006:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html"
},
{
"name": "1016829",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016829"
},
{
"name": "21901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb06-11.html"
},
{
"name": "RHSA-2006:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0674.html"
},
{
"name": "ADV-2006-3577",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3577"
},
{
"name": "TA06-275A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "MS06-069",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069"
},
{
"name": "GLSA-200610-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200610-02.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3573"
},
{
"name": "22054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22054"
},
{
"name": "TA06-318A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
},
{
"name": "22268",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22268"
},
{
"name": "ADV-2006-4507",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4507"
},
{
"name": "VU#451380",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/451380"
},
{
"name": "19980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19980"
},
{
"name": "http://www.computerterrorism.com/research/ct12-09-2006.htm",
"refsource": "MISC",
"url": "http://www.computerterrorism.com/research/ct12-09-2006.htm"
},
{
"name": "22187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22187"
},
{
"name": "ADV-2006-3852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name": "22882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22882"
},
{
"name": "21865",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21865"
},
{
"name": "flashplayer-swf-string-bo(28886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28886"
},
{
"name": "APPLE-SA-2006-09-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:394",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394"
},
{
"name": "1546",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1546"
},
{
"name": "20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445825/100/0/threaded"
},
{
"name": "SUSE-SA:2006:053",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html"
},
{
"name": "1016829",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016829"
},
{
"name": "21901",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21901"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb06-11.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb06-11.html"
},
{
"name": "RHSA-2006:0674",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0674.html"
},
{
"name": "ADV-2006-3577",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3577"
},
{
"name": "TA06-275A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "MS06-069",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069"
},
{
"name": "GLSA-200610-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200610-02.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3311",
"datePublished": "2006-09-12T23:00:00.000Z",
"dateReserved": "2006-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:23:21.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2461 (GCVE-0-2011-2461)
Vulnerability from cvelistv5 – Published: 2011-12-01 11:00 – Updated: 2024-08-06 23:00
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://threatpost.com/adobe-cve-2011-2461-remain… | x_refsource_MISC |
| http://www.adobe.com/support/security/bulletins/a… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/131376/Magen… | x_refsource_MISC |
| http://secunia.com/advisories/47053 | third-party-advisoryx_refsource_SECUNIA |
| http://blog.mindedsecurity.com/2015/03/the-old-is… | x_refsource_MISC |
| http://kb2.adobe.com/cps/915/cpsid_91544.html | x_refsource_CONFIRM |
| http://blog.nibblesec.org/2015/03/the-old-is-new-… | x_refsource_MISC |
Date Public
2011-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-25.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html"
},
{
"name": "47053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb2.adobe.com/cps/915/cpsid_91544.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-08T15:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-25.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html"
},
{
"name": "47053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb2.adobe.com/cps/915/cpsid_91544.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754",
"refsource": "MISC",
"url": "https://threatpost.com/adobe-cve-2011-2461-remains-exploitable-four-years-after-patch/111754"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-25.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-25.html"
},
{
"name": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131376/Magento-eCommerce-Vulnerable-Adobe-Flex-SDK.html"
},
{
"name": "47053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47053"
},
{
"name": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html",
"refsource": "MISC",
"url": "http://blog.mindedsecurity.com/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
},
{
"name": "http://kb2.adobe.com/cps/915/cpsid_91544.html",
"refsource": "CONFIRM",
"url": "http://kb2.adobe.com/cps/915/cpsid_91544.html"
},
{
"name": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html",
"refsource": "MISC",
"url": "http://blog.nibblesec.org/2015/03/the-old-is-new-again-cve-2011-2461-is.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-2461",
"datePublished": "2011-12-01T11:00:00.000Z",
"dateReserved": "2011-06-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:33.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1879 (GCVE-0-2009-1879)
Vulnerability from cvelistv5 – Published: 2009-08-21 17:00 – Updated: 2024-08-07 05:27
VLAI
Summary
Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1022748 | vdb-entryx_refsource_SECTRACK |
| http://www.adobe.com/support/security/bulletins/a… | x_refsource_CONFIRM |
| http://www.gdssecurity.com/l/b/2009/08/20/adobe-f… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/505948/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/36374 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-08-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022748"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/"
},
{
"name": "20090819 Adobe Flex 3.3 SDK DOM-Based XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/505948/100/0/threaded"
},
{
"name": "36374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36374"
},
{
"name": "flex-indextemplate-xss(52608)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52608"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022748"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/"
},
{
"name": "20090819 Adobe Flex 3.3 SDK DOM-Based XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/505948/100/0/threaded"
},
{
"name": "36374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36374"
},
{
"name": "flex-indextemplate-xss(52608)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52608"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022748",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022748"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-13.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-13.html"
},
{
"name": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/",
"refsource": "MISC",
"url": "http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/"
},
{
"name": "20090819 Adobe Flex 3.3 SDK DOM-Based XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505948/100/0/threaded"
},
{
"name": "36374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36374"
},
{
"name": "flex-indextemplate-xss(52608)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52608"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1879",
"datePublished": "2009-08-21T17:00:00.000Z",
"dateReserved": "2009-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:27:54.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3311 (GCVE-0-2006-3311)
Vulnerability from cvelistv5 – Published: 2006-09-12 23:00 – Updated: 2024-08-07 18:23
VLAI
Summary
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
26 references
Date Public
2006-09-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:21.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3573"
},
{
"name": "22054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22054"
},
{
"name": "TA06-318A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
},
{
"name": "22268",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22268"
},
{
"name": "ADV-2006-4507",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4507"
},
{
"name": "VU#451380",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/451380"
},
{
"name": "19980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19980"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.computerterrorism.com/research/ct12-09-2006.htm"
},
{
"name": "22187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22187"
},
{
"name": "ADV-2006-3852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name": "22882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22882"
},
{
"name": "21865",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21865"
},
{
"name": "flashplayer-swf-string-bo(28886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28886"
},
{
"name": "APPLE-SA-2006-09-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:394",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394"
},
{
"name": "1546",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1546"
},
{
"name": "20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/445825/100/0/threaded"
},
{
"name": "SUSE-SA:2006:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html"
},
{
"name": "1016829",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016829"
},
{
"name": "21901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb06-11.html"
},
{
"name": "RHSA-2006:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0674.html"
},
{
"name": "ADV-2006-3577",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3577"
},
{
"name": "TA06-275A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "MS06-069",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069"
},
{
"name": "GLSA-200610-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200610-02.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3573"
},
{
"name": "22054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22054"
},
{
"name": "TA06-318A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
},
{
"name": "22268",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22268"
},
{
"name": "ADV-2006-4507",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4507"
},
{
"name": "VU#451380",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/451380"
},
{
"name": "19980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19980"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.computerterrorism.com/research/ct12-09-2006.htm"
},
{
"name": "22187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22187"
},
{
"name": "ADV-2006-3852",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name": "22882",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22882"
},
{
"name": "21865",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21865"
},
{
"name": "flashplayer-swf-string-bo(28886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28886"
},
{
"name": "APPLE-SA-2006-09-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:394",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394"
},
{
"name": "1546",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1546"
},
{
"name": "20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/445825/100/0/threaded"
},
{
"name": "SUSE-SA:2006:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html"
},
{
"name": "1016829",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016829"
},
{
"name": "21901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb06-11.html"
},
{
"name": "RHSA-2006:0674",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0674.html"
},
{
"name": "ADV-2006-3577",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3577"
},
{
"name": "TA06-275A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "MS06-069",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069"
},
{
"name": "GLSA-200610-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200610-02.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3573"
},
{
"name": "22054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22054"
},
{
"name": "TA06-318A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
},
{
"name": "22268",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22268"
},
{
"name": "ADV-2006-4507",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4507"
},
{
"name": "VU#451380",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/451380"
},
{
"name": "19980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19980"
},
{
"name": "http://www.computerterrorism.com/research/ct12-09-2006.htm",
"refsource": "MISC",
"url": "http://www.computerterrorism.com/research/ct12-09-2006.htm"
},
{
"name": "22187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22187"
},
{
"name": "ADV-2006-3852",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3852"
},
{
"name": "22882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22882"
},
{
"name": "21865",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21865"
},
{
"name": "flashplayer-swf-string-bo(28886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28886"
},
{
"name": "APPLE-SA-2006-09-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
},
{
"name": "oval:org.mitre.oval:def:394",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394"
},
{
"name": "1546",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1546"
},
{
"name": "20060912 Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445825/100/0/threaded"
},
{
"name": "SUSE-SA:2006:053",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html"
},
{
"name": "1016829",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016829"
},
{
"name": "21901",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21901"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb06-11.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb06-11.html"
},
{
"name": "RHSA-2006:0674",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0674.html"
},
{
"name": "ADV-2006-3577",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3577"
},
{
"name": "TA06-275A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "MS06-069",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069"
},
{
"name": "GLSA-200610-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200610-02.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3311",
"datePublished": "2006-09-12T23:00:00.000Z",
"dateReserved": "2006-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:23:21.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}