cvelistv5 - CVE-2006-0024

CVE-2006-0024 (GCVE-0-2006-0024)

Vulnerability from cvelistv5

Published

2006-03-15 16:00

Modified

2024-08-07 16:18

Severity ?

CWE

Summary

Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.

References

URL

Tags

secure@microsoft.com	http://docs.info.apple.com/article.html?artnum=307179
secure@microsoft.com	http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
secure@microsoft.com	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
secure@microsoft.com	http://secunia.com/advisories/19198
secure@microsoft.com	http://secunia.com/advisories/19218	Patch, Vendor Advisory
secure@microsoft.com	http://secunia.com/advisories/19259
secure@microsoft.com	http://secunia.com/advisories/19328
secure@microsoft.com	http://secunia.com/advisories/20045
secure@microsoft.com	http://secunia.com/advisories/20077
secure@microsoft.com	http://secunia.com/advisories/28136
secure@microsoft.com	http://securitytracker.com/id?1015770
secure@microsoft.com	http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml
secure@microsoft.com	http://www.kb.cert.org/vuls/id/945060	US Government Resource
secure@microsoft.com	http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html	Patch, Vendor Advisory
secure@microsoft.com	http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html
secure@microsoft.com	http://www.opera.com/docs/changelogs/windows/854/
secure@microsoft.com	http://www.osvdb.org/23908
secure@microsoft.com	http://www.redhat.com/support/errata/RHSA-2006-0268.html	Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/17106
secure@microsoft.com	http://www.securityfocus.com/bid/17951
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-075A.html	US Government Resource
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-129A.html	US Government Resource
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-132A.html	US Government Resource
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/0952
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/1262
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/1744
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/1779
secure@microsoft.com	http://www.vupen.com/english/advisories/2007/4238
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/25005
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19198
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19218	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19259
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19328
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20045
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20077
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015770
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/945060	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html
af854a3a-2127-422b-91ae-364da2661108	http://www.opera.com/docs/changelogs/windows/854/
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23908
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0268.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17106
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17951
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-075A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-129A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-132A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0952
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1262
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1744
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1779
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25005
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.704Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17951",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17951"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "macromedia-swf-code-execution(25005)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "ADV-2006-1779",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1779"
          },
          {
            "name": "23908",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23908"
          },
          {
            "name": "ADV-2006-1262",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1262"
          },
          {
            "name": "17106",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17106"
          },
          {
            "name": "TA06-132A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
          },
          {
            "name": "28136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "19259",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19259"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/docs/changelogs/windows/854/"
          },
          {
            "name": "TA06-129A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
          },
          {
            "name": "1015770",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015770"
          },
          {
            "name": "RHSA-2006:0268",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
          },
          {
            "name": "GLSA-200603-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
          },
          {
            "name": "20045",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20045"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "APPLE-SA-2006-05-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
          },
          {
            "name": "SUSE-SA:2006:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
          },
          {
            "name": "TA06-075A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:1922",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
          },
          {
            "name": "19328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "19218",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19218"
          },
          {
            "name": "19198",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19198"
          },
          {
            "name": "ADV-2006-1744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1744"
          },
          {
            "name": "20077",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20077"
          },
          {
            "name": "oval:org.mitre.oval:def:1894",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
          },
          {
            "name": "MS06-020",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
          },
          {
            "name": "ADV-2006-0952",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0952"
          },
          {
            "name": "VU#945060",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/945060"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "17951",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17951"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "macromedia-swf-code-execution(25005)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "ADV-2006-1779",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1779"
        },
        {
          "name": "23908",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23908"
        },
        {
          "name": "ADV-2006-1262",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1262"
        },
        {
          "name": "17106",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17106"
        },
        {
          "name": "TA06-132A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
        },
        {
          "name": "28136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28136"
        },
        {
          "name": "19259",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19259"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/docs/changelogs/windows/854/"
        },
        {
          "name": "TA06-129A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
        },
        {
          "name": "1015770",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015770"
        },
        {
          "name": "RHSA-2006:0268",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
        },
        {
          "name": "GLSA-200603-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
        },
        {
          "name": "20045",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20045"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "name": "APPLE-SA-2006-05-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
        },
        {
          "name": "SUSE-SA:2006:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
        },
        {
          "name": "TA06-075A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:1922",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
        },
        {
          "name": "19328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "19218",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19218"
        },
        {
          "name": "19198",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19198"
        },
        {
          "name": "ADV-2006-1744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1744"
        },
        {
          "name": "20077",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20077"
        },
        {
          "name": "oval:org.mitre.oval:def:1894",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
        },
        {
          "name": "MS06-020",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
        },
        {
          "name": "ADV-2006-0952",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0952"
        },
        {
          "name": "VU#945060",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/945060"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0024",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17951",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17951"
            },
            {
              "name": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html",
              "refsource": "CONFIRM",
              "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "macromedia-swf-code-execution(25005)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "ADV-2006-1779",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1779"
            },
            {
              "name": "23908",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23908"
            },
            {
              "name": "ADV-2006-1262",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1262"
            },
            {
              "name": "17106",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17106"
            },
            {
              "name": "TA06-132A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "19259",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19259"
            },
            {
              "name": "http://www.opera.com/docs/changelogs/windows/854/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/docs/changelogs/windows/854/"
            },
            {
              "name": "TA06-129A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
            },
            {
              "name": "1015770",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015770"
            },
            {
              "name": "RHSA-2006:0268",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
            },
            {
              "name": "GLSA-200603-20",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
            },
            {
              "name": "20045",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20045"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "APPLE-SA-2006-05-11",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
            },
            {
              "name": "SUSE-SA:2006:015",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
            },
            {
              "name": "TA06-075A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1922",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
            },
            {
              "name": "19328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19328"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "19218",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19218"
            },
            {
              "name": "19198",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19198"
            },
            {
              "name": "ADV-2006-1744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1744"
            },
            {
              "name": "20077",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20077"
            },
            {
              "name": "oval:org.mitre.oval:def:1894",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
            },
            {
              "name": "MS06-020",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
            },
            {
              "name": "ADV-2006-0952",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0952"
            },
            {
              "name": "VU#945060",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/945060"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-0024",
    "datePublished": "2006-03-15T16:00:00",
    "dateReserved": "2005-11-30T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0024\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2006-03-15T16:06:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":5.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.0.22.0\",\"matchCriteriaId\":\"D070180F-4058-480E-B489-D83310404B80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAB0102B-7F42-40EA-AD40-B67C6942F860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF005FC1-50A0-4233-A500-1E677EACDBE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BB0BE19-EB29-4DEB-883C-89CB2023E54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F8A8FD0-F9C9-4125-B682-A7F2B73D9BA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B2A9976-1883-4D49-A512-C66FF12FDDCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C20DFF23-6215-4860-B091-ECC1C1C08DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E1B943A-38AD-4472-B143-B66567EBC9E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"141B7F64-5EDD-450D-A244-124366AD5800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F44A2955-F536-4EA5-8D1E-94D35EE10B88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AA559D4-7887-4518-BAE4-17A60297014E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:7.0.60.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"614C9E32-62F6-4D99-A87E-4BFE2B734576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:7.0.61.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED0EDDC-B58E-4E1E-AE5E-1590D60AA013\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74E436A0-D128-4225-8238-79E80353541D\"}]}]}],\"references\":[{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/19198\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/19218\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19259\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/19328\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/20045\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/20077\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/28136\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://securitytracker.com/id?1015770\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/945060\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.opera.com/docs/changelogs/windows/854/\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.osvdb.org/23908\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0268.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/17106\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/17951\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-075A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-129A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-132A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0952\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1262\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1744\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1779\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25005\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19198\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19259\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20045\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20077\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/945060\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.opera.com/docs/changelogs/windows/854/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/23908\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0268.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/17106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/17951\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-075A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-129A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-132A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0952\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1262\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1779\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-83x7-pg9v-2gcq

Vulnerability from github

Published

2022-05-01 06:37

Modified

2025-04-03 04:28

Details

Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-0024"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-03-15T16:06:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.",
  "id": "GHSA-83x7-pg9v-2gcq",
  "modified": "2025-04-03T04:28:29Z",
  "published": "2022-05-01T06:37:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19198"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19218"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19259"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19328"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20045"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20077"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015770"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/945060"
    },
    {
      "type": "WEB",
      "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
    },
    {
      "type": "WEB",
      "url": "http://www.opera.com/docs/changelogs/windows/854"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/23908"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17106"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17951"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0952"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1262"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1744"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1779"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

rhsa-2006:0268

Vulnerability from csaf_redhat

Published

2006-03-15 22:43

Modified

2025-11-08 03:23

Summary

Red Hat Security Advisory: flash-plugin security update

Notes

Topic

An updated Macromedia Flash Player package that fixes a security issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Details

The flash-plugin package contains a Mozilla-compatible Macromedia Flash Player browser plug-in. Security issues were discovered in the Macromedia Flash Player. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious Macromedia Flash file. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0024 to this issue. Users of Macromedia Flash Player should upgrade to this updated package, which contains version 7.0.64 and is not vulnerable to this issue.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated Macromedia Flash Player package that fixes a security issue is now\navailable.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The flash-plugin package contains a Mozilla-compatible Macromedia Flash\nPlayer browser plug-in.\n\nSecurity issues were discovered in the Macromedia Flash Player. It may\nbe possible to execute arbitrary code on a victim\u0027s machine if the victim\nopens a malicious Macromedia Flash file.  The Common Vulnerabilities and\nExposures project assigned the name CVE-2006-0024 to this issue.\n\nUsers of Macromedia Flash Player should upgrade to this updated package,\nwhich contains version 7.0.64 and is not vulnerable to this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0268",
        "url": "https://access.redhat.com/errata/RHSA-2006:0268"
      },
      {
        "category": "external",
        "summary": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html",
        "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
      },
      {
        "category": "external",
        "summary": "185499",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=185499"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0268.json"
      }
    ],
    "title": "Red Hat Security Advisory: flash-plugin security update",
    "tracking": {
      "current_release_date": "2025-11-08T03:23:34+00:00",
      "generator": {
        "date": "2025-11-08T03:23:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2006:0268",
      "initial_release_date": "2006-03-15T22:43:00+00:00",
      "revision_history": [
        {
          "date": "2006-03-15T22:43:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-08T03:23:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3 Extras",
                "product": {
                  "name": "Red Hat Desktop version 3 Extras",
                  "product_id": "Red Hat Desktop version 3 Extras",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 4 Extras",
                "product": {
                  "name": "Red Hat Desktop version 4 Extras",
                  "product_id": "Red Hat Desktop version 4 Extras",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-0024",
      "discovery_date": "2006-03-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617867"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Desktop version 3 Extras",
          "Red Hat Desktop version 4 Extras"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-0024"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617867",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617867"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0024",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024"
        }
      ],
      "release_date": "2006-03-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-03-15T22:43:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Desktop version 3 Extras",
            "Red Hat Desktop version 4 Extras"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0268"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "security flaw"
    }
  ]
}

rhsa-2006_0268

Vulnerability from csaf_redhat

Published

2006-03-15 22:43

Modified

2024-11-14 10:04

Summary

Red Hat Security Advisory: flash-plugin security update

Notes

Topic

An updated Macromedia Flash Player package that fixes a security issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated Macromedia Flash Player package that fixes a security issue is now\navailable.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The flash-plugin package contains a Mozilla-compatible Macromedia Flash\nPlayer browser plug-in.\n\nSecurity issues were discovered in the Macromedia Flash Player. It may\nbe possible to execute arbitrary code on a victim\u0027s machine if the victim\nopens a malicious Macromedia Flash file.  The Common Vulnerabilities and\nExposures project assigned the name CVE-2006-0024 to this issue.\n\nUsers of Macromedia Flash Player should upgrade to this updated package,\nwhich contains version 7.0.64 and is not vulnerable to this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0268",
        "url": "https://access.redhat.com/errata/RHSA-2006:0268"
      },
      {
        "category": "external",
        "summary": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html",
        "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
      },
      {
        "category": "external",
        "summary": "185499",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=185499"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0268.json"
      }
    ],
    "title": "Red Hat Security Advisory: flash-plugin security update",
    "tracking": {
      "current_release_date": "2024-11-14T10:04:05+00:00",
      "generator": {
        "date": "2024-11-14T10:04:05+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.0"
        }
      },
      "id": "RHSA-2006:0268",
      "initial_release_date": "2006-03-15T22:43:00+00:00",
      "revision_history": [
        {
          "date": "2006-03-15T22:43:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-14T10:04:05+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3 Extras",
                "product": {
                  "name": "Red Hat Desktop version 3 Extras",
                  "product_id": "Red Hat Desktop version 3 Extras",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 4 Extras",
                "product": {
                  "name": "Red Hat Desktop version 4 Extras",
                  "product_id": "Red Hat Desktop version 4 Extras",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-0024",
      "discovery_date": "2006-03-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617867"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Desktop version 3 Extras",
          "Red Hat Desktop version 4 Extras"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-0024"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617867",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617867"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0024",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024"
        }
      ],
      "release_date": "2006-03-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-03-15T22:43:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Desktop version 3 Extras",
            "Red Hat Desktop version 4 Extras"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0268"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "security flaw"
    }
  ]
}

RHSA-2006:0268

Vulnerability from csaf_redhat

Published

2006-03-15 22:43

Modified

2025-11-08 03:23

Summary

Red Hat Security Advisory: flash-plugin security update

Notes

Topic

An updated Macromedia Flash Player package that fixes a security issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated Macromedia Flash Player package that fixes a security issue is now\navailable.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The flash-plugin package contains a Mozilla-compatible Macromedia Flash\nPlayer browser plug-in.\n\nSecurity issues were discovered in the Macromedia Flash Player. It may\nbe possible to execute arbitrary code on a victim\u0027s machine if the victim\nopens a malicious Macromedia Flash file.  The Common Vulnerabilities and\nExposures project assigned the name CVE-2006-0024 to this issue.\n\nUsers of Macromedia Flash Player should upgrade to this updated package,\nwhich contains version 7.0.64 and is not vulnerable to this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0268",
        "url": "https://access.redhat.com/errata/RHSA-2006:0268"
      },
      {
        "category": "external",
        "summary": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html",
        "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
      },
      {
        "category": "external",
        "summary": "185499",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=185499"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0268.json"
      }
    ],
    "title": "Red Hat Security Advisory: flash-plugin security update",
    "tracking": {
      "current_release_date": "2025-11-08T03:23:34+00:00",
      "generator": {
        "date": "2025-11-08T03:23:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2006:0268",
      "initial_release_date": "2006-03-15T22:43:00+00:00",
      "revision_history": [
        {
          "date": "2006-03-15T22:43:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-08T03:23:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3 Extras",
                "product": {
                  "name": "Red Hat Desktop version 3 Extras",
                  "product_id": "Red Hat Desktop version 3 Extras",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 4 Extras",
                "product": {
                  "name": "Red Hat Desktop version 4 Extras",
                  "product_id": "Red Hat Desktop version 4 Extras",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-0024",
      "discovery_date": "2006-03-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617867"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Desktop version 3 Extras",
          "Red Hat Desktop version 4 Extras"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-0024"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617867",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617867"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0024",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0024"
        }
      ],
      "release_date": "2006-03-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-03-15T22:43:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Desktop version 3 Extras",
            "Red Hat Desktop version 4 Extras"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0268"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "security flaw"
    }
  ]
}

CERTA-2006-AVI-114

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans la lecture des fichiers de type flash permettent à un utilisateur mal intentionné d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités critiques ont été identifiées dans les lecteurs flash permettant à un utilisateur mal intentionné de compromettre un système vulnérable au moyen d'un fichier SWF malicieusement constitué.

Contournement provisoire

Ne consulter que des sites Internet sans flash ou jugés de confiance ;
de manière générale, n'ouvrir que des fichiers SWF jugés de confiance ;
désinstaller flash en attendant d'installer la version corrigées puis redémarrer le naviguateur.

Il n'existe pas de méthode fiable pour désactiver temporairement le flash.

Solution

Mettre à jour Flash Player en version 7.0.63.0 ou en version 8.0.24.0 ;
mettre à jour Shockwave Player en version 10.1.1 ;
mettre à jour Breeze Meeting Add-In en version 7.0.55.331 (Windows) ou version 7.0.55.118 (Macintosh) ;

Dans tous les cas, se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Shockwave Player version 10.1.0.11 et versions antérieures ;
N/A	N/A	Flash Debug Player version 7.0.14.0 et versions antérieures ;
N/A	N/A	Breeze Meeting Add-In version 5.1 et versions antérieures.
N/A	N/A	Flash Player version 8.0.22.0 et versions antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Secunia SA19218 du 15 mars 2006	None	vendor-advisory
Bulletin de sécurité Adobe Systems (Macromedia) APSB06-03 du 14 mars 2006 :	-	other
Bulletin de sécurité Gentoo GLSA 200603-20 du 21 mars 2006 :	-	other
Bulletin de sécurité FreeBSD pour linux-flashplugin du 15 mars 2006 :	-	other
Bulletin de sécurité SUSE SUSE-SA:2006:015 du 21 mars 2006 :	-	other
Bulletin de sécurité RedHat RHSA-2006:0268 du 15 mars 2006 :	-	other
Bulletin de sécurité Microsoft (916208) du 14 mars 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Shockwave Player version 10.1.0.11 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Flash Debug Player version 7.0.14.0 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Breeze Meeting Add-In version 5.1 et versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Flash Player version 8.0.22.0 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s critiques ont \u00e9t\u00e9 identifi\u00e9es dans les lecteurs\nflash permettant \u00e0 un utilisateur mal intentionn\u00e9 de compromettre un\nsyst\u00e8me vuln\u00e9rable au moyen d\u0027un fichier SWF malicieusement constitu\u00e9.\n\n## Contournement provisoire\n\n-   Ne consulter que des sites Internet sans flash ou jug\u00e9s de confiance\n    ;\n-   de mani\u00e8re g\u00e9n\u00e9rale, n\u0027ouvrir que des fichiers SWF jug\u00e9s de\n    confiance ;\n-   d\u00e9sinstaller flash en attendant d\u0027installer la version corrig\u00e9es\n    puis red\u00e9marrer le naviguateur.\n\nIl n\u0027existe pas de m\u00e9thode fiable pour d\u00e9sactiver temporairement le\nflash.\n\n## Solution\n\n-   Mettre \u00e0 jour Flash Player en version 7.0.63.0 ou en version\n    8.0.24.0 ;\n-   mettre \u00e0 jour Shockwave Player en version 10.1.1 ;\n-   mettre \u00e0 jour Breeze Meeting Add-In en version 7.0.55.331 (Windows)\n    ou version 7.0.55.118 (Macintosh) ;\n\nDans tous les cas, se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    }
  ],
  "initial_release_date": "2006-03-15T00:00:00",
  "last_revision_date": "2006-03-22T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe Systems (Macromedia) APSB06-03    du 14 mars 2006 :",
      "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200603-20 du 21 mars 2006    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD pour linux-flashplugin du 15    mars 2006 :",
      "url": "http://www.vuxml.org/freebsd/pkg-linux-flashplugin.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SA:2006:015 du 21 mars 2006    :",
      "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2006:0268 du 15 mars 2006    :",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0268.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft (916208) du 14 mars 2006 :",
      "url": "http://www.microsoft.com/technet/security/advisory/916208.mspx"
    }
  ],
  "reference": "CERTA-2006-AVI-114",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-03-15T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 FreeBSD.",
      "revision_date": "2006-03-16T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 RedHat, SUSE et Gentoo.",
      "revision_date": "2006-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans la lecture des fichiers de type flash\npermettent \u00e0 un utilisateur mal intentionn\u00e9 d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Flash Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Secunia SA19218 du 15 mars 2006",
      "url": "http://secunia.com/advisories/19218/"
    }
  ]
}

CERTA-2006-AVI-188

Vulnerability from certfr_avis

None

Description

Des versions vulnérables de Macromedia Flash Player sont incluses dans Microsoft Windows XP Service Pack 1 et Service Pack 2, ainsi que dans Internet Explorer 6 Service Pack 1 pour Windows ME, Windows 98 et Windows 98 SE.

Les vulnérabilités de Macromedia Flash Player indiquées dans le bulletin de sécurité MS06-020 de Microsoft ont fait l'objet des avis CERTA-2005-AVI-438 et CERTA-2006-AVI-114.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	Internet Explorer 6 Service Pack 1 sous Windows ME, Windows 98 et Windows 98 SE.
	Microsoft	Windows	Microsoft Windows XP Service Pack 1 et Service Pack 2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS06-020 du 09 mai 2006	None	vendor-advisory
Bulletin de sécurité Macromedia MPSB05-07 du 10 novembre 2005 :	-	other
Bulletin de sécurité Adobe APSB06-03 du 14 mars 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Internet Explorer 6 Service Pack 1 sous Windows ME, Windows 98 et Windows 98 SE.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDes versions vuln\u00e9rables de Macromedia Flash Player sont incluses dans\nMicrosoft Windows XP Service Pack 1 et Service Pack 2, ainsi que dans\nInternet Explorer 6 Service Pack 1 pour Windows ME, Windows 98 et\nWindows 98 SE.\n\nLes vuln\u00e9rabilit\u00e9s de Macromedia Flash Player indiqu\u00e9es dans le bulletin\nde s\u00e9curit\u00e9 MS06-020 de Microsoft ont fait l\u0027objet des avis\nCERTA-2005-AVI-438 et CERTA-2006-AVI-114.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    }
  ],
  "initial_release_date": "2006-05-10T00:00:00",
  "last_revision_date": "2006-05-10T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Macromedia MPSB05-07 du 10 novembre    2005 :",
      "url": "http://www.adobe.com/devnet/security/security_zone/mpsb05-07.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB06-03 du 14 mars 2006 :",
      "url": "http://www.adobe.com/devnet/security/security_zone/apsb06-03.html"
    }
  ],
  "reference": "CERTA-2006-AVI-188",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-05-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9s dans Macromedia Flash Player sous Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-020 du 09 mai 2006",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-020.mspx"
    }
  ]
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis

None

Description

De multiples vulnérabilités ont été découvertes dans les systèmes d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permettent à une personne malveillante d'exécuter diverses actions dont l'exécution de code arbitraire à distance, l'atteinte à l'intégrité des données, l'élévation de privilèges ou le contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "initial_release_date": "2007-12-19T00:00:00",
  "last_revision_date": "2007-12-19T00:00:00",
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

CERTA-2006-AVI-195

Vulnerability from certfr_avis

None

Description

Plusieurs vulnérabilités sont présentes dans le système d'exploitation MacOSX. Certaines vulnérabilités peuvent être utilisées par un utilisateur mal intentionné pour exécuter du code arbitraire ou réaliser un déni de service à distance. D'autres vulnérabilités peuvent être exploitées pour récupérer pour porter atteinte à la confidentialité des données présente sur le système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple Mac OS X

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Mac OS X	None	vendor-advisory
Bulletin de sécurité Apple du 12 mai 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Mac OS X\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans le syst\u00e8me d\u0027exploitation\nMacOSX. Certaines vuln\u00e9rabilit\u00e9s peuvent \u00eatre utilis\u00e9es par un\nutilisateur mal intentionn\u00e9 pour ex\u00e9cuter du code arbitraire ou r\u00e9aliser\nun d\u00e9ni de service \u00e0 distance. D\u0027autres vuln\u00e9rabilit\u00e9s peuvent \u00eatre\nexploit\u00e9es pour r\u00e9cup\u00e9rer pour porter atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es pr\u00e9sente sur le syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-1982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1982"
    },
    {
      "name": "CVE-2006-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1447"
    },
    {
      "name": "CVE-2006-1984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1984"
    },
    {
      "name": "CVE-2006-1983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1983"
    },
    {
      "name": "CVE-2006-1457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1457"
    },
    {
      "name": "CVE-2006-1444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1444"
    },
    {
      "name": "CVE-2006-1443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1443"
    },
    {
      "name": "CVE-2006-1441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1441"
    },
    {
      "name": "CVE-2006-1453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1453"
    },
    {
      "name": "CVE-2006-1439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1439"
    },
    {
      "name": "CVE-2006-1452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1452"
    },
    {
      "name": "CVE-2006-1450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1450"
    },
    {
      "name": "CVE-2005-4077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-4077"
    },
    {
      "name": "CVE-2006-1454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1454"
    },
    {
      "name": "CVE-2005-2628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2628"
    },
    {
      "name": "CVE-2006-1455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1455"
    },
    {
      "name": "CVE-2005-2337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2337"
    },
    {
      "name": "CVE-2006-1456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1456"
    },
    {
      "name": "CVE-2006-1985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1985"
    },
    {
      "name": "CVE-2006-1552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1552"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2006-1442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1442"
    },
    {
      "name": "CVE-2006-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1449"
    },
    {
      "name": "CVE-2006-1451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1451"
    },
    {
      "name": "CVE-2006-1448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1448"
    },
    {
      "name": "CVE-2006-1445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1445"
    },
    {
      "name": "CVE-2006-1446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1446"
    },
    {
      "name": "CVE-2006-1614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1614"
    },
    {
      "name": "CVE-2006-1440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1440"
    }
  ],
  "initial_release_date": "2006-05-12T00:00:00",
  "last_revision_date": "2006-05-12T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 12 mai 2006 :",
      "url": "http://docs.info.apple.com/article.html?artnum=303737"
    }
  ],
  "reference": "CERTA-2006-AVI-195",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s sous Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mac OS X",
      "url": null
    }
  ]
}

fkie_cve-2006-0024

Vulnerability from fkie_nvd

Published

2006-03-15 16:06

Modified

2025-04-03 01:03

Severity ?

Summary

Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.

References

URL	Tags
secure@microsoft.com	http://docs.info.apple.com/article.html?artnum=307179
secure@microsoft.com	http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
secure@microsoft.com	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
secure@microsoft.com	http://secunia.com/advisories/19198
secure@microsoft.com	http://secunia.com/advisories/19218	Patch, Vendor Advisory
secure@microsoft.com	http://secunia.com/advisories/19259
secure@microsoft.com	http://secunia.com/advisories/19328
secure@microsoft.com	http://secunia.com/advisories/20045
secure@microsoft.com	http://secunia.com/advisories/20077
secure@microsoft.com	http://secunia.com/advisories/28136
secure@microsoft.com	http://securitytracker.com/id?1015770
secure@microsoft.com	http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml
secure@microsoft.com	http://www.kb.cert.org/vuls/id/945060	US Government Resource
secure@microsoft.com	http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html	Patch, Vendor Advisory
secure@microsoft.com	http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html
secure@microsoft.com	http://www.opera.com/docs/changelogs/windows/854/
secure@microsoft.com	http://www.osvdb.org/23908
secure@microsoft.com	http://www.redhat.com/support/errata/RHSA-2006-0268.html	Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/17106
secure@microsoft.com	http://www.securityfocus.com/bid/17951
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-075A.html	US Government Resource
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-129A.html	US Government Resource
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-132A.html	US Government Resource
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/0952
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/1262
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/1744
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/1779
secure@microsoft.com	http://www.vupen.com/english/advisories/2007/4238
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/25005
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19198
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19218	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19259
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19328
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20045
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20077
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015770
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/945060	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html
af854a3a-2127-422b-91ae-364da2661108	http://www.opera.com/docs/changelogs/windows/854/
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23908
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0268.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17106
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17951
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-075A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-129A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-132A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0952
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1262
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1744
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1779
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25005
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922

Impacted products

Vendor	Product	Version
macromedia	flash_player	*
macromedia	flash_player	4.0_r12
macromedia	flash_player	5.0
macromedia	flash_player	5.0_r50
macromedia	flash_player	6.0
macromedia	flash_player	6.0.29.0
macromedia	flash_player	6.0.40.0
macromedia	flash_player	6.0.47.0
macromedia	flash_player	6.0.65.0
macromedia	flash_player	6.0.79.0
macromedia	flash_player	7.0.19.0
macromedia	flash_player	7.0.60.0
macromedia	flash_player	7.0.61.0
macromedia	flash_player	7.0_r19

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D070180F-4058-480E-B489-D83310404B80",
              "versionEndIncluding": "8.0.22.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAB0102B-7F42-40EA-AD40-B67C6942F860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF005FC1-50A0-4233-A500-1E677EACDBE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB0BE19-EB29-4DEB-883C-89CB2023E54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F8A8FD0-F9C9-4125-B682-A7F2B73D9BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B2A9976-1883-4D49-A512-C66FF12FDDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20DFF23-6215-4860-B091-ECC1C1C08DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1B943A-38AD-4472-B143-B66567EBC9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "141B7F64-5EDD-450D-A244-124366AD5800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44A2955-F536-4EA5-8D1E-94D35EE10B88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AA559D4-7887-4518-BAE4-17A60297014E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:7.0.60.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "614C9E32-62F6-4D99-A87E-4BFE2B734576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:7.0.61.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED0EDDC-B58E-4E1E-AE5E-1590D60AA013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*",
              "matchCriteriaId": "74E436A0-D128-4225-8238-79E80353541D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file."
    }
  ],
  "id": "CVE-2006-0024",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-03-15T16:06:00.000",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/19198"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19218"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/19259"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/19328"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/20045"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/20077"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://securitytracker.com/id?1015770"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/945060"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.opera.com/docs/changelogs/windows/854/"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.osvdb.org/23908"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/17106"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/17951"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/0952"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/1262"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/1744"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/1779"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/945060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.opera.com/docs/changelogs/windows/854/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/23908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17951"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0952"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1779"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2006-0024

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.

Aliases

CVE-2006-0024

Aliases

CVE-2006-0024

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-0024",
    "description": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.",
    "id": "GSD-2006-0024",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-0024.html",
      "https://access.redhat.com/errata/RHSA-2006:0268"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0024"
      ],
      "details": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.",
      "id": "GSD-2006-0024",
      "modified": "2023-12-13T01:19:50.395187Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2006-0024",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "17951",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/17951"
          },
          {
            "name": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html",
            "refsource": "CONFIRM",
            "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
          },
          {
            "name": "ADV-2007-4238",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "macromedia-swf-code-execution(25005)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
          },
          {
            "name": "TA07-352A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "ADV-2006-1779",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1779"
          },
          {
            "name": "23908",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/23908"
          },
          {
            "name": "ADV-2006-1262",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1262"
          },
          {
            "name": "17106",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/17106"
          },
          {
            "name": "TA06-132A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
          },
          {
            "name": "28136",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "19259",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19259"
          },
          {
            "name": "http://www.opera.com/docs/changelogs/windows/854/",
            "refsource": "CONFIRM",
            "url": "http://www.opera.com/docs/changelogs/windows/854/"
          },
          {
            "name": "TA06-129A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
          },
          {
            "name": "1015770",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015770"
          },
          {
            "name": "RHSA-2006:0268",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
          },
          {
            "name": "GLSA-200603-20",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
          },
          {
            "name": "20045",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20045"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "APPLE-SA-2006-05-11",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
          },
          {
            "name": "SUSE-SA:2006:015",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
          },
          {
            "name": "TA06-075A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:1922",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
          },
          {
            "name": "19328",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19328"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307179",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "19218",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19218"
          },
          {
            "name": "19198",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19198"
          },
          {
            "name": "ADV-2006-1744",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1744"
          },
          {
            "name": "20077",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20077"
          },
          {
            "name": "oval:org.mitre.oval:def:1894",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
          },
          {
            "name": "MS06-020",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
          },
          {
            "name": "ADV-2006-0952",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0952"
          },
          {
            "name": "VU#945060",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/945060"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:7.0.19.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:7.0.60.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:7.0.61.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:7.0_r19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.22.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:4.0_r12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-0024"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html"
            },
            {
              "name": "17106",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/17106"
            },
            {
              "name": "19218",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19218"
            },
            {
              "name": "RHSA-2006:0268",
              "refsource": "REDHAT",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0268.html"
            },
            {
              "name": "23908",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/23908"
            },
            {
              "name": "TA06-075A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-075A.html"
            },
            {
              "name": "VU#945060",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/945060"
            },
            {
              "name": "1015770",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015770"
            },
            {
              "name": "19259",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19259"
            },
            {
              "name": "SUSE-SA:2006:015",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2006_15_flashplayer.html"
            },
            {
              "name": "GLSA-200603-20",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml"
            },
            {
              "name": "19198",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19198"
            },
            {
              "name": "19328",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19328"
            },
            {
              "name": "http://www.opera.com/docs/changelogs/windows/854/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.opera.com/docs/changelogs/windows/854/"
            },
            {
              "name": "TA06-129A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-129A.html"
            },
            {
              "name": "APPLE-SA-2006-05-11",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
            },
            {
              "name": "TA06-132A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
            },
            {
              "name": "20077",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20077"
            },
            {
              "name": "17951",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/17951"
            },
            {
              "name": "20045",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20045"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "ADV-2006-0952",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0952"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "ADV-2006-1779",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1779"
            },
            {
              "name": "ADV-2006-1744",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1744"
            },
            {
              "name": "ADV-2006-1262",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1262"
            },
            {
              "name": "macromedia-swf-code-execution(25005)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25005"
            },
            {
              "name": "oval:org.mitre.oval:def:1922",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1922"
            },
            {
              "name": "oval:org.mitre.oval:def:1894",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1894"
            },
            {
              "name": "MS06-020",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-020"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-12T21:38Z",
      "publishedDate": "2006-03-15T16:06Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-0024 (GCVE-0-2006-0024)

Vulnerability from cvelistv5

Vulnerability from github

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from certfr_avis

Description

Contournement provisoire

Solution

Vulnerability from certfr_avis

Description

Solution

Vulnerability from certfr_avis

Description

Solution

Vulnerability from certfr_avis

Description

Solution

Vulnerability from fkie_nvd

Vulnerability from gsd

Tags

Sightings

Nomenclature