ActionScript in Adobe Flash Player 9.0.124.0 and previous versions does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote malicious users to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash player 8.0.24.0 |
||
adobe flash player |
||
adobe flash player 7.1.1 |
||
adobe flash player 7.0.63 |
||
adobe flash player 7.0.70.0 |
||
adobe flash player 8.0.35.0 |
||
adobe flash player 9.0.114.0 |
||
adobe flash player 9.0.112.0 |
||
adobe flash player 7.0.69.0 |
||
adobe flash player 7.0 |
||
adobe flash player 7.2 |
||
adobe flash player 7.0 r67 |
||
adobe flash player 9.0.115.0 |
||
adobe flash player 7.0.25 |
||
adobe flash player 8.0 |
||
adobe flash player 8.0.39.0 |
||
adobe flash player 8.0.34.0 |
||
adobe flash player 7.1 |
||
adobe flash player 7.0.1 |
||
adobe flash player 9.0 |