Remote Code Execution Vulnerability in Adobe Flash Player for Linux
CVE-2008-5499

Currently unrated

Key Information:

Vendor: Adobe
Status: Flash Player For Linux
Vendor: CVE Published:; 18 December 2008

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 88%

Summary

An unspecified vulnerability exists in Adobe Flash Player for Linux, specifically affecting versions 10.0.12.36 and earlier. This flaw allows remote attackers to execute arbitrary code through a specially crafted SWF file. Exploitation of this vulnerability could lead to unauthorized control over the affected system, posing significant security risks to users running vulnerable versions of the application.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2008-5499
Created by Rapid7

References

http://www.securitytracker.com/id?1021458

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/33221

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/3449

vdb-entryx_refsource_VUPEN

EPSS Score

88% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Apr 10, 2012
👾
Exploit known to exist
Apr 10, 2012
Vulnerability published
Dec 18, 2008
Vulnerability Reserved
Dec 12, 2008