Integer Overflow Vulnerabilities in Adobe Flash Media Server and Connect Enterprise Server
CVE-2007-6149

Currently unrated

Key Information:

Vendor: Adobe
Status: Connect Enterprise Server; Flash Media Server 2
Vendor: CVE Published:; 13 February 2008

Summary

Adobe Flash Media Server 2 and Connect Enterprise Server contain multiple integer overflow vulnerabilities due to improper handling of integer fields in RTMP messages. These flaws allow remote attackers to exploit the affected systems by sending specially crafted messages, potentially leading to arbitrary code execution and compromise of server integrity. It is essential for users to apply the latest security updates to mitigate these risks effectively.

References

http://www.securitytracker.com/id?1019399

vdb-entryx_refsource_SECTRACK

http://www.adobe.com/support/security/bulletins/apsb08-04...

x_refsource_CONFIRM

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 13, 2008
Vulnerability Reserved
Nov 27, 2007