CVE-2007-4324

Description

ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.

References

Link	Tags
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html	vendor advisory
http://secunia.com/advisories/28157	third party advisory vendor advisory
http://secunia.com/advisories/33390	third party advisory
http://securityreason.com/securityalert/2995	third party advisory
http://secunia.com/advisories/30507	third party advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11874	vdb entry signature
http://www.adobe.com/support/security/bulletins/apsb08-18.html
http://secunia.com/advisories/28570	third party advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
http://secunia.com/advisories/32270	third party advisory
http://secunia.com/advisories/32702	third party advisory
http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html
http://www.vupen.com/english/advisories/2008/1724/references	vdb entry
http://www.us-cert.gov/cas/techalerts/TA07-355A.html	third party advisory us government resource
http://www.securityfocus.com/archive/1/475961/100/0/threaded	mailing list
http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml	vendor advisory
http://www.securityfocus.com/bid/25260	vdb entry
http://www.vupen.com/english/advisories/2008/2838	vdb entry
http://scan.flashsec.org/
http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956&sliceId=2
http://secunia.com/advisories/28161	third party advisory vendor advisory
http://www.redhat.com/support/errata/RHSA-2007-1126.html	vendor advisory
http://secunia.com/advisories/32759	third party advisory
http://www.redhat.com/support/errata/RHSA-2008-0945.html	vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1	vendor advisory
http://www.redhat.com/support/errata/RHSA-2008-0980.html	vendor advisory
http://www.vupen.com/english/advisories/2007/4258	vdb entry
http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm
http://securitytracker.com/id?1019116	vdb entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1	vendor advisory
http://secunia.com/advisories/32448	third party advisory
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html	vendor advisory
http://secunia.com/advisories/28213	third party advisory
http://www.adobe.com/support/security/bulletins/apsb07-20.html

Frequently Asked Questions

What is the severity of CVE-2007-4324?: CVE-2007-4324 has been scored as a medium severity vulnerability.
How to fix CVE-2007-4324?: To fix CVE-2007-4324, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2007-4324 being actively exploited in the wild?: It is possible that CVE-2007-4324 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~26% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-264 – Permissions, Privileges, and Access Controls

References

Frequently Asked Questions