1. CVE-Search
  2. CVE-2006-0024
ID CVE-2006-0024
Summary Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
References
Vulnerable Configurations
  • cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:7.0.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:7.0.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:7.0.61.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:7.0.61.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:7.0.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:7.0.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:macromedia:flash_player:8.0.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:macromedia:flash_player:8.0.22.0:*:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 12-10-2018 - 21:38)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2011-05-16T04:02:01.361-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
    family windows
    id oval:org.mitre.oval:def:1894
    status accepted
    submitted 2006-05-10T03:16:00.000-04:00
    title Remote Code Execution Vulnerability in Flash Player 8 (XP,SP1)
    version 54
  • accepted 2015-08-03T04:01:04.142-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    comment Adobe Flash Player is installed
    oval oval:org.mitre.oval:def:6700
    description Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
    family windows
    id oval:org.mitre.oval:def:1922
    status accepted
    submitted 2006-05-10T03:16:00.000-04:00
    title Remote Code Execution Vulnerability in Flash Player 8 (XP,SP2)
    version 57
redhat via4
advisories
rhsa
id RHSA-2006:0268
refmap via4
apple
  • APPLE-SA-2006-05-11
  • APPLE-SA-2007-12-17
bid
  • 17106
  • 17951
cert
  • TA06-075A
  • TA06-129A
  • TA06-132A
  • TA07-352A
cert-vn VU#945060
confirm
gentoo GLSA-200603-20
osvdb 23908
sectrack 1015770
secunia
  • 19198
  • 19218
  • 19259
  • 19328
  • 20045
  • 20077
  • 28136
suse SUSE-SA:2006:015
vupen
  • ADV-2006-0952
  • ADV-2006-1262
  • ADV-2006-1744
  • ADV-2006-1779
  • ADV-2007-4238
xf macromedia-swf-code-execution(25005)
Last major update 12-10-2018 - 21:38
Published 15-03-2006 - 16:06
Last modified 12-10-2018 - 21:38
Back to Top