Remote Code Execution Vulnerability in Adobe Flash Player
CVE-2008-1655

Currently unrated

Key Information:

Vendor: Adobe
Status: Flash Player; Air; Flex
Vendor: CVE Published:; 9 April 2008

Summary

An unspecified vulnerability in Adobe Flash Player versions 9.0.115.0 and earlier, as well as 8.0.39.0 and earlier, allows remote attackers to exploit the software for DNS rebinding attacks. This vulnerability compromises the user's system by potentially allowing unauthorized actions to be performed, putting sensitive data at risk. Users of affected versions are advised to upgrade to the latest version to mitigate these risks.

References

http://secunia.com/advisories/29865

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securitytracker.com/id?1019808

vdb-entryx_refsource_SECTRACK

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 9, 2008
Vulnerability Reserved
Apr 2, 2008