CVE-2007-6244

Table of Contents

Impact:
Moderate
Public Date:
2007-12-17
CWE:
CWE-79
Bugzilla:
414501: CVE-2007-6244 flash: XSS via asfunction protocol

The MITRE CVE dictionary describes this issue as:

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.

Find out more about CVE-2007-6244 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux AS version 4 Extras (flash-plugin) RHSA-2007:1126 2007-12-18
Red Hat Enterprise Linux Supplementary 5 (flash-plugin) RHSA-2007:1126 2007-12-18
Red Hat Enterprise Linux AS version 3 Extras (flash-plugin) RHSA-2007:1126 2007-12-18
Last Modified

CVE description copyright © 2017, The MITRE Corporation