Detections
Analytics

CVE-2008-4824

critical

Description

Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."

References

http://www.vupen.com/english/advisories/2008/3444

http://www.vupen.com/english/advisories/2008/3189

http://www.us-cert.gov/cas/techalerts/TA08-350A.html

http://www.securityfocus.com/archive/1/498561/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2008-0980.html

http://www.isecpartners.com/advisories/2008-01-flash.txt

http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

http://support.apple.com/kb/HT3338

http://security.gentoo.org/glsa/glsa-200903-23.xml

http://secunia.com/advisories/34226

http://secunia.com/advisories/33390

http://secunia.com/advisories/33179

http://secunia.com/advisories/32772

http://secunia.com/advisories/32702

http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

http://www.adobe.com/support/security/bulletins/apsb08-22.html

Details

Source: Mitre, NVD

Published: 2008-11-17

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.26366