Adobe Flash Player Arbitrary Cross Domain HTTP Request Headers Security Vulnerability

Bugtraq ID: 28696
Class: Design Error
CVE: CVE-2008-1654
Remote: Yes
Local: No
Published: Apr 02 2008 12:00AM
Updated: Jul 15 2008 11:09PM
Credit: Tom Gallagher
Vulnerable: Turbolinux wizpy 0
Turbolinux FUJI 0
SuSE SUSE Linux Enterprise Desktop 10 SP1
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun OpenSolaris build snv_88
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Desktop Supplementary 5 client
Nortel Networks Self-Service Peri Workstation 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service Media Processing Server 0
Nortel Networks Self-Service - CCSS7 0
Nortel Networks Self-Service 0
Gentoo Linux
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.4.11
Apple Mac OS X 10.5
Adobe Flex 3.0
Adobe Flash Professional 8
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.47.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 9
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.34.0
Adobe Flash CS3 Professional 0
Adobe Flash Basic 8
Adobe AIR 1.0
Not Vulnerable: Adobe Flash Professional 8 8.0.42.0
Adobe Flash Player 9.0.124 .0
Adobe Flash Basic 8.0.42.0
Adobe AIR 1.01


 

Privacy Statement
Copyright 2010, SecurityFocus