Vulnerability Description
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
CVSS Score
5.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | 7.0 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html
- http://secunia.com/advisories/28157
- http://secunia.com/advisories/28161
- http://secunia.com/advisories/28213
- http://secunia.com/advisories/28570
- http://secunia.com/advisories/30507
- http://securitytracker.com/id?1019116
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
- http://www.adobe.com/support/security/bulletins/apsb07-20.html
- http://www.gentoo.org/security/en/glsa/glsa-200801-07.xml
- http://www.redhat.com/support/errata/RHSA-2007-1126.html
- http://www.securityfocus.com/bid/26929
- http://www.securityfocus.com/bid/26969
- http://www.us-cert.gov/cas/techalerts/TA07-355A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/4258
FAQ
What is CVE-2007-6245?
CVE-2007-6245 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
How severe is CVE-2007-6245?
CVE-2007-6245 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6245?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player.