Same Origin Policy Bypass Vulnerability in Adobe Flash Player
CVE-2019-8075

7.5HIGH

Key Information:

Vendor
Adobe
Status
Flash Player
Vendor
CVE Published:
27 September 2019

Summary

The Same Origin Policy Bypass vulnerability in Adobe Flash Player allows attackers to exploit the application and potentially gain unauthorized access to sensitive information. By taking advantage of this flaw in versions 32.0.0.192 and earlier, an attacker could execute malicious scripts in the context of the current user's session, leading to information disclosure and compromising user data security.

Affected Version(s)

Flash Player 32.0.0.192 and earlier versions

References

https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://www.debian.org/security/2021/dsa-4824
vendor-advisoryx_refsource_DEBIAN

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.