Use-After-Free Vulnerability in Adobe Flash Media Server and Connect Enterprise Server
CVE-2007-6148

Currently unrated

Key Information:

Vendor: Adobe
Status: Connect Enterprise Server; Flash Media Server 2
Vendor: CVE Published:; 13 February 2008

Summary

A use-after-free vulnerability exists in the Edge server of Adobe Flash Media Server 2 prior to version 2.0.5 and Connect Enterprise Server 6 prior to Service Pack 3. This weakness allows remote attackers to exploit the system by sending specially crafted Real Time Message Protocol (RTMP) requests, potentially enabling them to execute arbitrary code. It is crucial for users and administrators to apply the necessary updates to protect sensitive information and maintain the integrity of their systems.

References

http://www.adobe.com/support/security/bulletins/apsb08-04...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2008/0539

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/28947

third-party-advisoryx_refsource_SECUNIA

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 13, 2008
Vulnerability Reserved
Nov 27, 2007