CVE-2008-1834

Published Apr 16, 2008

Last updated a year ago

CVSS info 4.3

Overview

Description: swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict local file access from untrusted sandboxes, which allows remote attackers to read arbitrary files via a crafted Flash file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93BCAD47-B325-47BE-BAAC-AB8443D8C31E",
            "versionEndIncluding": "0.6.2"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6CC0DF7-89DF-4765-8F23-9C689481D566"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E71D71A-E976-4C60-AD49-65850E74E507"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77C1F080-C555-46AB-A53B-1461650FC11D"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E8A5668-FAEF-4A62-92EE-C38D07302E75"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE44A473-AEF6-48E9-9521-0F23CE72A844"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A67C440E-E2C9-4075-AD49-17F9B916F505"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FAEBF1E-1DFC-48D6-8A0B-7A55BE6E1DA1"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E438B180-8CD3-4B01-A7F3-66A554AD84F9"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DEAD3CC-A07A-4EB9-9DE8-9DD228F46892"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F46EDE3-9FFA-4FE1-B094-0544BFA5FDE9"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0C278DF-6587-4364-83E9-B3C57D8982C1"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "707154AC-2393-46D1-8E80-C15786DC1BAF"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.5.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68D11C1F-270A-452F-B76E-2CABFE23A421"
          },
          {
            "criteria": "cpe:2.3:a:swfdec:swfdec:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "281E12A8-508F-43FF-AB02-EB42198E28D1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References