Vulnerabilities > Adobe > Flash Player > 7.0.25
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-11 | CVE-2007-3457 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Flash Player Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file. | 4.3 |
| 2007-07-11 | CVE-2007-3456 | Numeric Errors vulnerability in Adobe Flash Player Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative. | 9.3 |
| 2007-04-13 | CVE-2007-2022 | Information Exposure vulnerability in multiple products Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | 6.8 |
| 2006-09-12 | CVE-2006-4640 | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors. | 6.8 |
| 2006-09-12 | CVE-2006-3311 | Remote Code Execution vulnerability in Adobe Flash Player Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. | 5.1 |