JVNDB-2007-000818

Flash Player allows arbitrary HTTP headers to be sent

Overview

Adobe Flash Player contains a vulnerability that could allow a remote attacker to modify the HTTP headers of client requests and conduct an HTTP request splitting attack.

Adobe Flash Player is a player for the Flash media format that enables frame-based animations with sound to be viewed within a web browser.
Flash Player contains a vulnerability that could allow a remote attacker to modify the HTTP headers of client requests and conduct an HTTP request splitting attack.

This vulnerability is different from JVN#72595280.
CVSS Severity

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Adobe Systems, Inc.
  • Adobe Flash Player 7.0.70.0 and earlier
  • Adobe Flash Player 8.0.35.0 and earlier
  • Adobe Flash Player 9.0.48.0 and earlier
Sun Microsystems, Inc.
  • OpenSolaris (sparc)
  • OpenSolaris (x86)
  • Sun Solaris 10 (sparc)
  • Sun Solaris 10 (x86)
Red Hat, Inc.
  • Red Hat Enterprise Linux Extras 4.5 extras
  • Red Hat Enterprise Linux Extras 3 extras
  • Red Hat Enterprise Linux Extras 4 extras
  • RHEL Desktop Supplementary 5 (client)
  • RHEL Supplementary 5 (server)

Impact

Because Flash Player can be made to send arbitrary HTTP headers, a remote attacker could bypass a security measure that a web application enforces on the basis of HTTP headers, if a user views specially crafted Flash content.
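As an added illustration (not part of the JVN advisory or of Adobe's code), the following Python shows how a header value that embeds a CR LF CR LF sequence turns one client request into two on the wire, and the validation of header names and values that a client or proxy must apply to prevent it. The host name, paths and the X-Internal header are constructed assumptions, and the toy parser ignores request bodies.

```python
import re
from typing import Dict, List, Tuple

Request = Tuple[str, str, Dict[str, str]]  # (method, target, headers)

# Header names must be RFC 7230 tokens; values may not carry CR, LF or NUL.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


def is_safe_header(name: str, value: str) -> bool:
    """True only if the name is a token and the value cannot end a line."""
    if not _TOKEN.match(name):
        return False
    return not any(ch in value for ch in "\r\n\x00")


def build_request(method: str, target: str,
                  headers: List[Tuple[str, str]], validate: bool = True) -> bytes:
    """Serialise a request. validate=False mimics a client that copies
    caller-supplied header names and values verbatim onto the wire."""
    if validate:
        for name, value in headers:
            if not is_safe_header(name, value):
                raise ValueError(f"refusing header {name!r}: bad token or CR/LF in value")
    lines = [f"{method} {target} HTTP/1.1"] + [f"{n}: {v}" for n, v in headers]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("latin-1")


def parse_requests(stream: bytes) -> List[Request]:
    """Split a byte stream into the body-less requests a server would see.
    Each request ends at the first blank line, as in a real parser."""
    requests: List[Request] = []
    for block in stream.split(b"\r\n\r\n"):
        if not block:
            continue
        lines = block.decode("latin-1").split("\r\n")
        method, target, _version = lines[0].split(" ", 2)
        headers: Dict[str, str] = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        requests.append((method, target, headers))
    return requests


# Constructed attacker input (assumed names): a harmless-looking request whose
# X-Trace value embeds a blank line followed by a second, privileged-looking request.
SMUGGLED = "x\r\n\r\nGET /admin HTTP/1.1\r\nHost: victim.example\r\nX-Internal: yes"
ATTACK_HEADERS = [("Host", "victim.example"), ("X-Trace", SMUGGLED)]


def requests_seen_by_server() -> List[Request]:
    """What the server parses when the client does not validate headers."""
    wire = build_request("GET", "/public", ATTACK_HEADERS, validate=False)
    return parse_requests(wire)


def client_refuses_attack() -> bool:
    """A client (or proxy) that validates headers never emits the split request."""
    try:
        build_request("GET", "/public", ATTACK_HEADERS)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for method, target, hdrs in requests_seen_by_server():
        print(method, target, hdrs)
    print("validating client refuses:", client_refuses_attack())
```

The second parsed request carries an X-Internal header the attacker never could have set through a normal browser request, which is the kind of header-based check the Impact section says can be bypassed; rejecting CR and LF in header values at the client is what closes the hole.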
Solution

[Update the Software]
For Flash Player 8.x or Flash Player 9.x
Apply the latest updates provided by the vendor.

[Apply the Patch]
For Flash Player 7.x
Apply the appropriate patch as specified in the Flash Player update TechNote provided by the vendor.
The vendor has announced that they discontinued the support of Flash Player 7.x and will no longer provide security updates after this update. Those who are unable to upgrade to Flash Player 8.x or 9.x and wish to continue to use Flash Player 7.x can find the archived installers in the Archived Flash Player TechNote.

For more information, refer to the vendor's website.
Vendor Information

Adobe Systems, Inc.
Sun Microsystems, Inc.
  • Sun Alert Notification : 238305
Red Hat, Inc.
CWE

  1. Buffer Errors(CWE-119) [NVD Evaluation]
CVE

  1. CVE-2007-6245
References

  1. JVN : JVN#50876069
  2. National Vulnerability Database (NVD) : CVE-2007-6245
  3. US-CERT Cyber Security Alerts : SA08-100A
  4. US-CERT Cyber Security Alerts : SA07-355A
  5. US-CERT Technical Cyber Security Alert : TA08-100A
  6. US-CERT Technical Cyber Security Alert : TA07-355A
  7. Secunia Advisory : SA28161
  8. ISS X-Force Database : 39134
  9. SecurityTracker : 1019116
  10. FrSIRT Advisories : FrSIRT/ADV-2007-4258
Revision History

  • [2008/05/21]
      Web page published
  • [2008/06/20]
      Affected Products : Added Sun Microsystems, Inc. (238305).
      Vendor Information : Added Sun Microsystems, Inc. (238305).