Vulnerability Details CVE-2008-1655
Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.301
EPSS Ranking 96.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
- http://secunia.com/advisories/29763
- http://secunia.com/advisories/29865
- http://secunia.com/advisories/30430
- http://secunia.com/advisories/30507
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
- http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html#goal_dns
- http://www.adobe.com/support/security/bulletins/apsb08-11.html
- http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
- http://www.osvdb.org/44283
- http://www.redhat.com/support/errata/RHSA-2008-0221.html
- http://www.securityfocus.com/bid/28697
- http://www.securitytracker.com/id?1019808
- http://www.us-cert.gov/cas/techalerts/TA08-100A.html
- http://www.us-cert.gov/cas/techalerts/TA08-150A.html
- http://www.vupen.com/english/advisories/2008/1697
- http://www.vupen.com/english/advisories/2008/1724/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41807
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10724
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
- http://secunia.com/advisories/29763
- http://secunia.com/advisories/29865
- http://secunia.com/advisories/30430
- http://secunia.com/advisories/30507
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
- http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html#goal_dns
- http://www.adobe.com/support/security/bulletins/apsb08-11.html
- http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
- http://www.osvdb.org/44283
- http://www.redhat.com/support/errata/RHSA-2008-0221.html
- http://www.securityfocus.com/bid/28697
- http://www.securitytracker.com/id?1019808
- http://www.us-cert.gov/cas/techalerts/TA08-100A.html
- http://www.us-cert.gov/cas/techalerts/TA08-150A.html
- http://www.vupen.com/english/advisories/2008/1697
- http://www.vupen.com/english/advisories/2008/1724/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41807
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10724
Products affected by CVE-2008-1655
-
cpe:2.3:a:adobe:air:1.0
-
cpe:2.3:a:adobe:flash_player:-
-
cpe:2.3:a:adobe:flash_player:2
-
cpe:2.3:a:adobe:flash_player:3
-
cpe:2.3:a:adobe:flash_player:4
-
cpe:2.3:a:adobe:flash_player:5
-
cpe:2.3:a:adobe:flash_player:6
-
cpe:2.3:a:adobe:flash_player:6.0.21.0
-
cpe:2.3:a:adobe:flash_player:6.0.79
-
cpe:2.3:a:adobe:flash_player:7
-
cpe:2.3:a:adobe:flash_player:7.0
-
cpe:2.3:a:adobe:flash_player:7.0.1
-
cpe:2.3:a:adobe:flash_player:7.0.14.0
-
cpe:2.3:a:adobe:flash_player:7.0.19.0
-
cpe:2.3:a:adobe:flash_player:7.0.24.0
-
cpe:2.3:a:adobe:flash_player:7.0.25
-
cpe:2.3:a:adobe:flash_player:7.0.53.0
-
cpe:2.3:a:adobe:flash_player:7.0.60.0
-
cpe:2.3:a:adobe:flash_player:7.0.61.0
-
cpe:2.3:a:adobe:flash_player:7.0.63
-
cpe:2.3:a:adobe:flash_player:7.0.66.0
-
cpe:2.3:a:adobe:flash_player:7.0.67.0
-
cpe:2.3:a:adobe:flash_player:7.0.68.0
-
cpe:2.3:a:adobe:flash_player:7.0.69.0
-
cpe:2.3:a:adobe:flash_player:7.0.70.0
-
cpe:2.3:a:adobe:flash_player:7.0.73.0
-
cpe:2.3:a:adobe:flash_player:7.1
-
cpe:2.3:a:adobe:flash_player:7.1.1
-
cpe:2.3:a:adobe:flash_player:7.2
-
cpe:2.3:a:adobe:flash_player:8
-
cpe:2.3:a:adobe:flash_player:8.0
-
cpe:2.3:a:adobe:flash_player:8.0.22.0
-
cpe:2.3:a:adobe:flash_player:8.0.24.0
-
cpe:2.3:a:adobe:flash_player:8.0.33.0
-
cpe:2.3:a:adobe:flash_player:8.0.34.0
-
cpe:2.3:a:adobe:flash_player:8.0.35.0
-
cpe:2.3:a:adobe:flash_player:8.0.39.0
-
cpe:2.3:a:adobe:flash_player:8.0.42.0
-
cpe:2.3:a:adobe:flash_player:9
-
cpe:2.3:a:adobe:flash_player:9.0
-
cpe:2.3:a:adobe:flash_player:9.0.112.0
-
cpe:2.3:a:adobe:flash_player:9.0.114.0
-
cpe:2.3:a:adobe:flash_player:9.0.115.0
-
cpe:2.3:a:adobe:flash_player:9.0.16
-
cpe:2.3:a:adobe:flash_player:9.0.16.0
-
cpe:2.3:a:adobe:flash_player:9.0.18d60
-
cpe:2.3:a:adobe:flash_player:9.0.20
-
cpe:2.3:a:adobe:flash_player:9.0.20.0
-
cpe:2.3:a:adobe:flash_player:9.0.28
-
cpe:2.3:a:adobe:flash_player:9.0.28.0
-
cpe:2.3:a:adobe:flash_player:9.0.31
-
cpe:2.3:a:adobe:flash_player:9.0.31.0
-
cpe:2.3:a:adobe:flash_player:9.0.45.0
-
cpe:2.3:a:adobe:flash_player:9.0.47.0
-
cpe:2.3:a:adobe:flash_player:9.0.48.0
-
cpe:2.3:a:adobe:flash_player:9.0.8.0
-
cpe:2.3:a:adobe:flash_player:9.0.9.0
-
cpe:2.3:a:adobe:flex:3.0