Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2008-5361

Published: 08/12/2008 Updated: 08/11/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Adobe

Vulnerability Summary

The ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote malicious users to read sensitive data from process memory via a crafted PDF file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe air

adobe flash player

Vendor Advisories

Red Hat: Critical: flash-plugin security update
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 3 and 4 ExtrasThis update has been rated as having critical security impact by the RedHat Sec ...
Red Hat: Critical: flash-plugin security update
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 5 SupplementaryThis update has been rated as having critical security impact by the RedHat Se ...

References

CWE-399http://www.isecpartners.com/advisories/2008-01-flash.txthttp://www.adobe.com/support/security/bulletins/apsb08-22.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1http://secunia.com/advisories/33390http://securityreason.com/securityalert/4692http://security.gentoo.org/glsa/glsa-200903-23.xmlhttp://support.avaya.com/elmodocs2/security/ASA-2009-020.htmhttp://secunia.com/advisories/34226http://www.securityfocus.com/archive/1/498561/100/0/threadedhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2008:0980
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook