Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the primary DNS server.

An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash Player Web browser plug-in.

Several input validation flaws were found in the way Flash Player displayed certain content. These may have made it possible to execute arbitrary code on a victim's machine, if the victim opened a malicious Adobe Flash file. (CVE-2007-0071, CVE-2007-6019)

A flaw was found in the way Flash Player established TCP sessions to remote hosts. A remote attacker could, consequently, use Flash Player to conduct a DNS rebinding attack. (CVE-2007-5275, CVE-2008-1655)

A flaw was found in the way Flash Player restricted the interpretation and usage of cross-domain policy files. A remote attacker could use Flash Player to conduct cross-domain and cross-site scripting attacks.
(CVE-2007-6243, CVE-2008-1654)

A flaw was found in the way Flash Player interacted with web browsers.
An attacker could use malicious content presented by Flash Player to conduct a cross-site scripting attack. (CVE-2007-6637)

All users of Adobe Flash Player should upgrade to this updated package, which contains Flash Player version 9.0.124.0 and resolves these issues.

The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-003 applied. 

This update contains security fixes for a number of programs.

The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.3. 

Mac OS X 10.5.3 contains security fixes for a number of programs.

The remote host is affected by the vulnerability described in GLSA-200804-21 (Adobe Flash Player: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Adobe Flash:
    Secunia Research and Zero Day Initiative reported a boundary error     related to DeclareFunction2 Actionscript tags in SWF files     (CVE-2007-6019).
    The ISS X-Force and the Zero Day Initiative reported an unspecified     input validation error that might lead to a buffer overflow     (CVE-2007-0071).
    Microsoft, UBsecure and JPCERT/CC reported that cross-domain policy     files are not checked before sending HTTP headers to another domain     (CVE-2008-1654) and that it does not sufficiently restrict the     interpretation and usage of cross-domain policy files (CVE-2007-6243).
    The Stanford University and Ernst and Young's Advanced Security Center     reported that Flash does not pin DNS hostnames to a single IP     addresses, allowing for DNS rebinding attacks (CVE-2007-5275,     CVE-2008-1655).
    The Google Security Team and Minded Security Multiple reported multiple     cross-site scripting vulnerabilities when passing input to Flash     functions (CVE-2007-6637).
  Impact :

    A remote attacker could entice a user to open a specially crafted file     (usually in a web browser), possibly leading to the execution of     arbitrary code with the privileges of the user running the Adobe Flash     Player. The attacker could also cause a user's machine to send HTTP     requests to other hosts, establish TCP sessions with arbitrary hosts,     bypass the security sandbox model, or conduct Cross-Site Scripting and     Cross-Site Request Forgery attacks.
  Workaround :

    There is no known workaround at this time.

This flash player update to version 9.0.124.0 fixes several security problems. In the worst case an attacker could potentially have flash-player execute arbitrary code via specially crafted files.
(CVE-2007-5275, CVE-2007-6243, CVE-2007-6637, CVE-2007-6019, CVE-2007-0071, CVE-2008-1655, CVE-2008-1654)

This flash player update to version 9.0.124.0 fixes several security problems. In the worst case an attacker could potentially have flash-player execute arbitrary code via specially crafted files.
(CVE-2007-5275 / CVE-2007-6243 / CVE-2007-6637 / CVE-2007-6019 / CVE-2007-0071 / CVE-2008-1655 / CVE-2008-1654)

According to its version number, the instance of Flash Player on the remote Windows host is affected by multiple issues, including several that could allow for arbitrary code execution.

ID	Name	Product	Family	Severity
40719	RHEL 3 / 4 / 5 : flash-plugin (RHSA-2008:0221)	Nessus	Red Hat Local Security Checks	high
32478	Mac OS X Multiple Vulnerabilities (Security Update 2008-003)	Nessus	MacOS X Local Security Checks	critical
32477	Mac OS X 10.5.x < 10.5.3 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
32014	GLSA-200804-21 : Adobe Flash Player: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
31965	openSUSE 10 Security Update : flash-player (flash-player-5161)	Nessus	SuSE Local Security Checks	high
31964	SuSE 10 Security Update : flash-player (ZYPP Patch Number 5159)	Nessus	SuSE Local Security Checks	high
4461	Flash Player < 9.0.124.0 APSB08-11 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
31799	Flash Player < 8.0.42.0 / 9.0.124.0 Multiple Vulnerabilities (APSB08-11)	Nessus	Windows	high

Detections

Analytics

CVE-2008-1654

high

Tenable Plugins

high

critical

critical

high

high

high

medium

high