Remote Code Execution Vulnerability in Adobe Flash Player by Adobe
CVE-2007-6019

Currently unrated

Key Information:

Vendor: Adobe
Status: Flash Player; Air; Flash; Flex
Vendor: CVE Published:; 9 April 2008

Summary

A vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code through a specially crafted SWF file. This manipulation occurs due to a flaw in the handling of the DeclareFunction2 ActionScript tag, which may prevent proper instantiation of objects. Exploiting this vulnerability could allow attackers to gain unauthorized access and control over affected systems, potentially leading to data breaches or other malicious actions.

References

http://secunia.com/advisories/29865

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/30507

third-party-advisoryx_refsource_SECUNIA

EPSS Score

52% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 9, 2008
Vulnerability Reserved
Nov 19, 2007