Adobe Flash Player ActiveX Control 'navigateToURL' API Cross Domain Scripting Vulnerability

Bugtraq ID: 26960
Class: Origin Validation Error
CVE: CVE-2007-6244
Remote: Yes
Local: No
Published: Dec 18 2007 12:00AM
Updated: Jul 15 2008 11:09PM
Credit: Adobe credits Adam Barth and Collin Jackson of Stanford University with the discovery of this vulnerability.
Vulnerable: Turbolinux wizpy 0
Turbolinux FUJI 0
SuSE SUSE Linux Enterprise Desktop 10 SP1
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun OpenSolaris build snv_88
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.1
RedHat Enterprise Linux Extras 4.6.z
RedHat Enterprise Linux Extras 4.5.z
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Desktop Supplementary 5 client
Nortel Networks Self-Service - CCSS7 0
Nortel Networks Peri Workstation 0
Nortel Networks Peri Application 0
Nortel Networks Media Processing Svr 1000 Rel 3.0
Gentoo Linux
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.34.0
Adobe Flash Player 7.0.70.0
Adobe Flash Player 7.0.69.0
Not Vulnerable: Adobe Flash Player 9.0.115.0


 

Privacy Statement
Copyright 2010, SecurityFocus