Vulnerability Details CVE-2007-6148
Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.216
EPSS Ranking 95.4%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=663
- http://secunia.com/advisories/28946
- http://secunia.com/advisories/28947
- http://www.adobe.com/support/security/bulletins/apsb08-03.html
- http://www.adobe.com/support/security/bulletins/apsb08-04.html
- http://www.securityfocus.com/bid/27762
- http://www.securitytracker.com/id?1019398
- http://www.vupen.com/english/advisories/2008/0538/references
- http://www.vupen.com/english/advisories/2008/0539
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=663
- http://secunia.com/advisories/28946
- http://secunia.com/advisories/28947
- http://www.adobe.com/support/security/bulletins/apsb08-03.html
- http://www.adobe.com/support/security/bulletins/apsb08-04.html
- http://www.securityfocus.com/bid/27762
- http://www.securitytracker.com/id?1019398
- http://www.vupen.com/english/advisories/2008/0538/references
- http://www.vupen.com/english/advisories/2008/0539
Products affected by CVE-2007-6148
-
cpe:2.3:a:adobe:connect_enterprise_server:*
-
cpe:2.3:a:adobe:flash_media_server_2:*