Vulnerabilities > CVE-2008-5109 - Configuration vulnerability in Adobe Flash Media Server 3.0/3.5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

adobe

CWE-16

NVD

Published: 2008-11-25

Updated: 2024-11-21

Summary

The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Flash Media Server 3.5 Adobe Flash Media Server 3.0	2

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://secunia.com/advisories/32771
http://secunia.com/advisories/32771
http://www.adobe.com/support/security/advisories/apsa08-11.html
http://www.adobe.com/support/security/advisories/apsa08-11.html
http://www.osvdb.org/49952
http://www.osvdb.org/49952