Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-3311

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-12 Sep, 2006 | 23:00
Updated At-07 Aug, 2024 | 18:23
Rejected At-
Credits

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:12 Sep, 2006 | 23:00
Updated At:07 Aug, 2024 | 18:23
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2006/3573
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/22054
third-party-advisory
x_refsource_SECUNIA
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
third-party-advisory
x_refsource_CERT
http://secunia.com/advisories/22268
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4507
vdb-entry
x_refsource_VUPEN
http://www.kb.cert.org/vuls/id/451380
third-party-advisory
x_refsource_CERT-VN
http://www.securityfocus.com/bid/19980
vdb-entry
x_refsource_BID
http://www.computerterrorism.com/research/ct12-09-2006.htm
x_refsource_MISC
http://secunia.com/advisories/22187
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/3852
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/22882
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21865
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/28886
vdb-entry
x_refsource_XF
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
vendor-advisory
x_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394
vdb-entry
signature
x_refsource_OVAL
http://securityreason.com/securityalert/1546
third-party-advisory
x_refsource_SREASON
http://www.securityfocus.com/archive/1/445825/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html
vendor-advisory
x_refsource_SUSE
http://securitytracker.com/id?1016829
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/21901
third-party-advisory
x_refsource_SECUNIA
http://www.adobe.com/support/security/bulletins/apsb06-11.html
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0674.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2006/3577
vdb-entry
x_refsource_VUPEN
http://www.us-cert.gov/cas/techalerts/TA06-275A.html
third-party-advisory
x_refsource_CERT
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
vendor-advisory
x_refsource_MS
http://security.gentoo.org/glsa/glsa-200610-02.xml
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.vupen.com/english/advisories/2006/3573
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/22054
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-318A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://secunia.com/advisories/22268
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/4507
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.kb.cert.org/vuls/id/451380
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.securityfocus.com/bid/19980
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.computerterrorism.com/research/ct12-09-2006.htm
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/22187
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/3852
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/22882
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21865
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28886
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://securityreason.com/securityalert/1546
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://www.securityfocus.com/archive/1/445825/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://securitytracker.com/id?1016829
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/21901
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb06-11.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0674.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2006/3577
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-275A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
Resource:
vendor-advisory
x_refsource_MS
Hyperlink: http://security.gentoo.org/glsa/glsa-200610-02.xml
Resource:
vendor-advisory
x_refsource_GENTOO
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2006/3573
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/22054
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://secunia.com/advisories/22268
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/4507
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.kb.cert.org/vuls/id/451380
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.securityfocus.com/bid/19980
vdb-entry
x_refsource_BID
x_transferred
http://www.computerterrorism.com/research/ct12-09-2006.htm
x_refsource_MISC
x_transferred
http://secunia.com/advisories/22187
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/3852
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/22882
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21865
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/28886
vdb-entry
x_refsource_XF
x_transferred
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://securityreason.com/securityalert/1546
third-party-advisory
x_refsource_SREASON
x_transferred
http://www.securityfocus.com/archive/1/445825/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://securitytracker.com/id?1016829
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/21901
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.adobe.com/support/security/bulletins/apsb06-11.html
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0674.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2006/3577
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.us-cert.gov/cas/techalerts/TA06-275A.html
third-party-advisory
x_refsource_CERT
x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
vendor-advisory
x_refsource_MS
x_transferred
http://security.gentoo.org/glsa/glsa-200610-02.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3573
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/22054
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-318A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://secunia.com/advisories/22268
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4507
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/451380
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19980
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.computerterrorism.com/research/ct12-09-2006.htm
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/22187
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3852
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/22882
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21865
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28886
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://securityreason.com/securityalert/1546
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/445825/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://securitytracker.com/id?1016829
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/21901
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb06-11.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0674.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3577
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-275A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
Resource:
vendor-advisory
x_refsource_MS
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200610-02.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 Sep, 2006 | 23:07
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.1MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 5.1
Base severity: MEDIUM
Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
Adobe Inc.
adobe
>>flash_player>>Versions up to 8.0.24.0(inclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>8
cpe:2.3:a:adobe:flash_player:8:*:pro:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>mx_2004
cpe:2.3:a:adobe:flash_player:mx_2004:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flex_sdk>>1.5
cpe:2.3:a:adobe:flex_sdk:1.5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.htmlcve@mitre.org
N/A
http://secunia.com/advisories/21865cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21901cve@mitre.org
N/A
http://secunia.com/advisories/22054cve@mitre.org
N/A
http://secunia.com/advisories/22187cve@mitre.org
N/A
http://secunia.com/advisories/22268cve@mitre.org
N/A
http://secunia.com/advisories/22882cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200610-02.xmlcve@mitre.org
N/A
http://securityreason.com/securityalert/1546cve@mitre.org
N/A
http://securitytracker.com/id?1016829cve@mitre.org
N/A
http://www.adobe.com/support/security/bulletins/apsb06-11.htmlcve@mitre.org
Patch
http://www.computerterrorism.com/research/ct12-09-2006.htmcve@mitre.org
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/451380cve@mitre.org
US Government Resource
http://www.novell.com/linux/security/advisories/2006_53_flashplayer.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0674.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/445825/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/19980cve@mitre.org
N/A
http://www.us-cert.gov/cas/techalerts/TA06-275A.htmlcve@mitre.org
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA06-318A.htmlcve@mitre.org
US Government Resource
http://www.vupen.com/english/advisories/2006/3573cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/3577cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/3852cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/4507cve@mitre.org
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/28886cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394cve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21865af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21901af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22054af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22187af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22268af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22882af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200610-02.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/1546af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016829af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.adobe.com/support/security/bulletins/apsb06-11.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.computerterrorism.com/research/ct12-09-2006.htmaf854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/451380af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.novell.com/linux/security/advisories/2006_53_flashplayer.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0674.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/445825/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/19980af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/cas/techalerts/TA06-275A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA06-318A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2006/3573af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3577af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3852af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/4507af854a3a-2127-422b-91ae-364da2661108
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/28886af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21865
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21901
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22054
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22187
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22268
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22882
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200610-02.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/1546
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016829
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb06-11.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.computerterrorism.com/research/ct12-09-2006.htm
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/451380
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0674.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/445825/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19980
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-275A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-318A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/3573
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3577
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3852
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4507
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28886
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21865
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21901
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22054
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22187
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22268
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22882
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200610-02.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/1546
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016829
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb06-11.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.computerterrorism.com/research/ct12-09-2006.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/451380
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.novell.com/linux/security/advisories/2006_53_flashplayer.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0674.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/445825/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19980
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-275A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-318A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/3573
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3577
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3852
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4507
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/28886
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A394
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

10Records found
CVE-2006-3587
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-28.89% / 96.39%
||
7 Day CHG~0.00%
Published-13 Jul, 2006 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CVE-2006-3453
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-15.96% / 94.50%
||
7 Day CHG~0.00%
Published-13 Jul, 2006 | 17:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers to execute arbitrary code via unknown vectors in a document that triggers the overflow when it is distilled to PDF.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobatn/a
CVE-2005-0035
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-3.80% / 87.63%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readern/a
CVE-2002-1601
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-3.02% / 86.08%
||
7 Day CHG~0.00%
Published-20 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-photodeluxen/a
CVE-2021-21011
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-0.83% / 73.61%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 22:40
Updated-23 Apr, 2025 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled Search Path Element in Adobe Captivate 2019

Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges.

Action-Not Available
Vendor-Adobe Inc.Microsoft Corporation
Product-windowscaptivateCaptivate
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2009-3462
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.1||MEDIUM
EPSS-3.48% / 87.10%
||
7 Day CHG~0.00%
Published-19 Oct, 2009 | 22:00
Updated-07 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readeracrobatn/a
CVE-2021-21010
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-1.64% / 81.22%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 22:43
Updated-16 Sep, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled search path element in Adobe InCopy

InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-incopywindowsInCopy
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-23202
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-7.29% / 91.28%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-23 Apr, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Creative Cloud Desktop Uncontrolled Search Path Element Arbitrary code execution

Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL on the same folder as the installer which makes it as a high complexity attack vector.

Action-Not Available
Vendor-Adobe Inc.
Product-creative_cloud_desktop_applicationCreative Cloud (desktop component)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24428
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.7||HIGH
EPSS-1.25% / 78.48%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 19:31
Updated-16 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader DC for macOS Race Condition Vulnerability Could Lead to Privilege Escalation

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-9615
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-0.36% / 57.44%
||
7 Day CHG~0.00%
Published-25 Jun, 2020 | 21:21
Updated-04 Aug, 2024 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a race condition vulnerability. Successful exploitation could lead to security feature bypass.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Details not found