Information disclosure in Adobe Flash_player
CVE-2008-4821
Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is used, does not properly interpret jar: URLs, which allows attackers to obtain sensitive information via unknown vectors.
Vulnerability class: Information Disclosure
EPSS: 0.051 (91.4th percentile) — read the EPSS interpretation.
Affected products
- Adobe Flash_player — versions 7.0.69.0, 8.0.39.0, 9.0
- Mozilla Camino
- Mozilla Firefox
- Mozilla Seamonkey
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)