CVE-2008-4824: Input Validation
First published: Mon Nov 17 2008(Updated: )
Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | >=9.0.16.0<9.0.151.0 | |
| Macromedia Flash Player | >=10<10.0.12.36 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.adobe.com/support/security/bulletins/apsb08-22.html
- http://www.isecpartners.com/advisories/2008-01-flash.txt
- http://www.us-cert.gov/cas/techalerts/TA08-350A.html
- http://www.redhat.com/support/errata/RHSA-2008-0980.html
- http://secunia.com/advisories/33179
- http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html
- http://secunia.com/advisories/32702
- http://support.apple.com/kb/HT3338
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
- http://secunia.com/advisories/33390
- http://security.gentoo.org/glsa/glsa-200903-23.xml
- http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
- http://secunia.com/advisories/34226
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=
- http://www.vupen.com/english/advisories/2008/3444
- http://www.vupen.com/english/advisories/2008/3189
- http://osvdb.org/49958
- http://secunia.com/advisories/32772
- http://www.securityfocus.com/archive/1/498561/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2008-4824?
CVE-2008-4824 has a high severity rating due to its potential to allow remote code execution.
How do I fix CVE-2008-4824?
To fix CVE-2008-4824, users should update Adobe Flash Player to version 10.0.12.36 or later for the 10.x branch or 9.0.151.0 or later for the 9.x branch.
What versions of Adobe Flash Player are affected by CVE-2008-4824?
CVE-2008-4824 affects Adobe Flash Player versions 9.x before 9.0.151.0 and 10.x before 10.0.12.36.
What types of vulnerabilities are present in CVE-2008-4824?
CVE-2008-4824 includes unspecified vulnerabilities related to input validation errors.
Who can exploit CVE-2008-4824?
CVE-2008-4824 can be exploited by remote attackers to execute arbitrary code.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/9.0.16.0
- version/macromedia flash player/10