Adobe Flash Player DNS Rebinding Vulnerability
|
Bugtraq ID:
|
26930
|
|
Class:
|
Design Error
|
|
CVE:
|
CVE-2007-5275
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Dec 18 2007 12:00AM
|
|
Updated:
|
Jul 15 2008 11:09PM
|
|
Credit:
|
Dan Boneh, Adam Barth, Andrew Bortz, Collin Jackson, and Weidong Shao of Stanford University are credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
Turbolinux wizpy 0
Turbolinux FUJI 0
SuSE SUSE Linux Enterprise Desktop 10 SP1
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun OpenSolaris build snv_88
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
RedHat Enterprise Linux Extras 4.5.z
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Desktop Supplementary 5 client
Nortel Networks Self-Service - CCSS7 0
Nortel Networks Peri Workstation 0
Nortel Networks Peri Application 0
Nortel Networks Media Processing Svr 1000 Rel 3.0
Gentoo Linux
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.0
Apple Mac OS X 10.5
Adobe Flex 3.0
Adobe Flash Professional 8
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 8.0.34.0
Adobe Flash Player 7.0.69.0
Adobe Flash CS3 Professional 0
Adobe Flash Basic 8
Adobe AIR 1.0
|
|
|
|
Not Vulnerable:
|
Adobe Flash Professional 8 8.0.42.0
Adobe Flash Player 9.0.124 .0
Adobe Flash Basic 8.0.42.0
Adobe AIR 1.01
|
|
