What is the severity of CVE-2007-6637?

CVE-2007-6637 is rated as a medium severity vulnerability due to the potential for cross-site scripting attacks.

How do I fix CVE-2007-6637?

To fix CVE-2007-6637, users should upgrade to the latest version of Adobe Flash Player that addresses the identified vulnerabilities.

What types of attacks does CVE-2007-6637 facilitate?

CVE-2007-6637 facilitates cross-site scripting (XSS) attacks, allowing remote attackers to inject arbitrary web scripts or HTML.

Which Adobe Flash Player versions are affected by CVE-2007-6637?

CVE-2007-6637 affects multiple versions of Adobe Flash Player including 7.0.25, 7.0.63, 8.0, and 9.0.x versions.

Can CVE-2007-6637 be exploited without user interaction?

Yes, CVE-2007-6637 can be exploited without user interaction if a user visits a malicious site hosting a crafted SWF file.

Vulnerability/
CVE-2007-6637

medium

4.3

CWE

4/1/2008

7/8/2024

CVE-2007-6637: XSS

First published: Fri Jan 04 2008(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Adobe Flash Player for Internet Explorer 11	=7.0.25
Adobe Flash Player for Internet Explorer 11	=7.0.63
Adobe Flash Player for Internet Explorer 11	=7.0.69.0
Adobe Flash Player for Internet Explorer 11	=7.0.70.0
Adobe Flash Player for Internet Explorer 11	=8.0
Adobe Flash Player for Internet Explorer 11	=8.0.34.0
Adobe Flash Player for Internet Explorer 11	=8.0.35.0
Adobe Flash Player for Internet Explorer 11	=9.0.16
Adobe Flash Player for Internet Explorer 11	=9.0.18d60
Adobe Flash Player for Internet Explorer 11	=9.0.20.0
Adobe Flash Player for Internet Explorer 11	=9.0.28
Adobe Flash Player for Internet Explorer 11	=9.0.28.0
Adobe Flash Player for Internet Explorer 11	=9.0.31
Adobe Flash Player for Internet Explorer 11	=9.0.31.0
Adobe Flash Player for Internet Explorer 11	=9.0.45.0
Adobe Flash Player for Internet Explorer 11	=9.0.47.0
Adobe Flash Player for Internet Explorer 11	=9.0.48.0
Adobe Flash Player for Internet Explorer 11	=9.0.115.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6637?
CVE-2007-6637 is rated as a medium severity vulnerability due to the potential for cross-site scripting attacks.
How do I fix CVE-2007-6637?
To fix CVE-2007-6637, users should upgrade to the latest version of Adobe Flash Player that addresses the identified vulnerabilities.
What types of attacks does CVE-2007-6637 facilitate?
CVE-2007-6637 facilitates cross-site scripting (XSS) attacks, allowing remote attackers to inject arbitrary web scripts or HTML.
Which Adobe Flash Player versions are affected by CVE-2007-6637?
CVE-2007-6637 affects multiple versions of Adobe Flash Player including 7.0.25, 7.0.63, 8.0, and 9.0.x versions.
Can CVE-2007-6637 be exploited without user interaction?
Yes, CVE-2007-6637 can be exploited without user interaction if a user visits a malicious site hosting a crafted SWF file.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/last-modified-date
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/adobe
canonical/adobe flash player for internet explorer 11
version/adobe flash player for internet explorer 11/7.0.25
version/adobe flash player for internet explorer 11/7.0.63
version/adobe flash player for internet explorer 11/7.0.69.0
version/adobe flash player for internet explorer 11/7.0.70.0
version/adobe flash player for internet explorer 11/8.0
version/adobe flash player for internet explorer 11/8.0.34.0
version/adobe flash player for internet explorer 11/8.0.35.0
version/adobe flash player for internet explorer 11/9.0.16
version/adobe flash player for internet explorer 11/9.0.18d60
version/adobe flash player for internet explorer 11/9.0.20.0
version/adobe flash player for internet explorer 11/9.0.28
version/adobe flash player for internet explorer 11/9.0.28.0
version/adobe flash player for internet explorer 11/9.0.31
version/adobe flash player for internet explorer 11/9.0.31.0
version/adobe flash player for internet explorer 11/9.0.45.0
version/adobe flash player for internet explorer 11/9.0.47.0
version/adobe flash player for internet explorer 11/9.0.48.0
version/adobe flash player for internet explorer 11/9.0.115.0

Frequently Asked Questions

What is the severity of CVE-2007-6637?
CVE-2007-6637 is rated as a medium severity vulnerability due to the potential for cross-site scripting attacks.
How do I fix CVE-2007-6637?
To fix CVE-2007-6637, users should upgrade to the latest version of Adobe Flash Player that addresses the identified vulnerabilities.
What types of attacks does CVE-2007-6637 facilitate?
CVE-2007-6637 facilitates cross-site scripting (XSS) attacks, allowing remote attackers to inject arbitrary web scripts or HTML.
Which Adobe Flash Player versions are affected by CVE-2007-6637?
CVE-2007-6637 affects multiple versions of Adobe Flash Player including 7.0.25, 7.0.63, 8.0, and 9.0.x versions.
Can CVE-2007-6637 be exploited without user interaction?
Yes, CVE-2007-6637 can be exploited without user interaction if a user visits a malicious site hosting a crafted SWF file.

CVE-2007-6637: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6637?

How do I fix CVE-2007-6637?

What types of attacks does CVE-2007-6637 facilitate?

Which Adobe Flash Player versions are affected by CVE-2007-6637?

Can CVE-2007-6637 be exploited without user interaction?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2007-6637?

How do I fix CVE-2007-6637?

What types of attacks does CVE-2007-6637 facilitate?

Which Adobe Flash Player versions are affected by CVE-2007-6637?

Can CVE-2007-6637 be exploited without user interaction?