CVE-2008-2640

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in the Flex 3 History Management feature in Adobe Flex 3.0.1 SDK and Flex Builder 3, and generated applications, allow remote attackers to inject arbitrary web script or HTML via the anchor identifier to (1) client-side-detection-with-history/history/historyFrame.html, (2) express-installation-with-history/history/historyFrame.html, or (3) no-player-detection-with-history/history/historyFrame.html in templates/html-templates/. NOTE: Firefox 2.0 and possibly other browsers prevent exploitation.

🔗 References (14)

cve@mitrehttp://blog.watchfire.com/wfblog/2008/06/javascript-code.html
cve@mitrehttp://secunia.com/advisories/30746
cve@mitrehttp://securitytracker.com/id?1020301
cve@mitrehttp://www.adobe.com/support/security/bulletins/apsb08-14.html
cve@mitrehttp://www.securityfocus.com/bid/29778
cve@mitrehttp://www.vupen.com/english/advisories/2008/1862
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/43150
af854a3a-2127-422b-91ae-364da2661108http://blog.watchfire.com/wfblog/2008/06/javascript-code.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30746
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1020301
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb08-14.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29778
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1862
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/43150

Is Your Infrastructure Affected by CVE-2008-2640?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2640

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2640?