CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.

An updated Adobe Flash Player package that fixes a security issue is now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash Player browser plug-in.

A flaw was found in the way the Adobe Flash Player generates HTTP requests. It was possible for a malicious Adobe Flash file to modify the HTTP header of the client request, which could be leveraged to exploit certain HTTP proxy and web server flaws. (CVE-2006-5330)

Users of Adobe Flash Player should upgrade to this updated package, which contains version 7.0.69 and is not vulnerable to this issue.

This security update brings the Adobe Flash Player to version 7.0.69.
It fixes the following security problem :

  - CRLF injection vulnerability in Adobe Flash Player     allows remote attackers to modify HTTP headers of client     requests and conduct HTTP Request Splitting attacks via     CRLF sequences in arguments to the ActionScript     functions (1) XML.addRequestHeader and (2)     XML.contentType. (CVE-2006-5330)

Note: the flexibility of the attack varies depending on the type of web browser being used.

This security update brings the Adobe Flash Player to version 7.0.69.
It fixes the following security problem :

  - CRLF injection vulnerability in Adobe Flash Player     allows remote attackers to modify HTTP headers of client     requests and conduct HTTP Request Splitting attacks via     CRLF sequences in arguments to the ActionScript     functions (1) XML.addRequestHeader and (2)     XML.contentType. NOTE: the flexibility of the attack     varies depending on the type of web browser being used.
    (CVE-2006-5330)

This security update brings the Adobe Flash Player to version 7.0.69.
It fixes the following security problem :

CVE-2006-5330: CRLF injection vulnerability in Adobe Flash Player allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.

The remote host is running a version of Mac OS X 10.4 that is older than version 10.4.9 or a version of Mac OS X 10.3 that does not have Security Update 2007-003 applied. This update contains several security fixes for the following programs :

 - ColorSync
 - CoreGraphics
 - Crash Reporter
 - CUPS
 - Disk Images
 - DS Plugins
 - Flash Player
 - GNU Tar
 - HFS
 - HID Family
 - ImageIO
 - Kernel
 - MySQL server
 - Networking
 - OpenSSH
 - Printing
 - QuickDraw Manager
 - servermgrd
 - SMB File Server
 - Software Update
 - sudo 
 - WebLog

The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.9 or a version of Mac OS X 10.3 which does not have Security Update 2007-003 applied.

This update contains several security fixes for the following programs :

 - ColorSync
 - CoreGraphics
 - Crash Reporter
 - CUPS
 - Disk Images
 - DS Plugins
 - Flash Player
 - GNU Tar
 - HFS
 - HID Family
 - ImageIO
 - Kernel
 - MySQL server
 - Networking
 - OpenSSH
 - Printing
 - QuickDraw Manager
 - servermgrd
 - SMB File Server
 - Software Update
 - sudo 
 - WebLog

According to its version number, the instance of Flash Player on the remote Windows host contains two ways for a remote attacker to perform arbitrary HTTP requests while controlling most of the HTTP headers.  A remote attacker may be able to leverage these issues to conduct cross-site request forgery attacks against a user who visits a malicious website.

ID	Name	Product	Family	Severity
63834	RHEL 3 / 4 : flash-plugin (RHSA-2007:0009)	Nessus	Red Hat Local Security Checks	medium
59118	SuSE 10 Security Update : flash-player (ZYPP Patch Number 2969)	Nessus	SuSE Local Security Checks	medium
29433	SuSE 10 Security Update : flash-player (ZYPP Patch Number 2357)	Nessus	SuSE Local Security Checks	medium
27220	openSUSE 10 Security Update : flash-player (flash-player-2359)	Nessus	SuSE Local Security Checks	medium
3947	Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)	Nessus Network Monitor	Web Clients	high
24811	Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)	Nessus	MacOS X Local Security Checks	critical
23869	Flash Player HTTP Header CRLF Injection (APSB06-18)	Nessus	Windows	medium

Detections

Analytics

CVE-2006-5330

high

Tenable Plugins

medium

medium

medium

medium

high

critical

medium