CVE-2007-3457

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF…

mitre·CWE-352·Published 2007-07-11

CVSS

—

EPSS

0.07

KEV

Exploits

cve.orgen

170 chars

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.

NVDen

170 chars

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.

NVDes

278 chars

Una vulnerabilidad de inyección SQL en el archivo inferno.php en el Inferno Technologies RPG Inferno versión 2.4 y anteriores, un módulo vBulletin, permite a atacantes autenticados remotos ejecutar comandos SQL arbitrarios por medio del parámetro id en una acción ScanMember do.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N