CVE-2007-5275

Table of Contents

Impact:
Low
Public Date:
2007-10-08
Bugzilla:
367501: CVE-2007-5275 Flash plugin DNS rebinding

The MITRE CVE dictionary describes this issue as:

The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324.

Find out more about CVE-2007-5275 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux AS version 4 Extras (flash-plugin) RHSA-2008:0221 2008-04-08
Red Hat Enterprise Linux AS version 3 Extras (flash-plugin) RHSA-2007:1126 2007-12-18
Red Hat Enterprise Linux Supplementary 5 (flash-plugin) RHSA-2007:1126 2007-12-18
Red Hat Enterprise Linux AS version 3 Extras (flash-plugin) RHSA-2008:0221 2008-04-08
Red Hat Enterprise Linux AS version 4 Extras (flash-plugin) RHSA-2007:1126 2007-12-18
Red Hat Enterprise Linux Supplementary 5 (flash-plugin) RHSA-2008:0221 2008-04-08
Last Modified

CVE description copyright © 2017, The MITRE Corporation