Think you have a false positive on this rule?

Sid 1-21640

Message

EXPLOIT-KIT Phoenix exploit kit landing page

Summary

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

Impact

CVSS base score 5.1 CVSS impact score 6.4 CVSS exploitability score 4.9 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2006-0003:

CVSS base score 5.1

CVSS impact score 6.4

CVSS exploitability score 4.9

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

CVE-2007-5659:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2008-0655:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2008-2992:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2008-5353:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2009-0927:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2009-3867:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2009-4324:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2010-0188:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2010-0248:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2010-0840:

CVSS base score 7.5

CVSS impact score 6.4

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

CVE-2010-0842:

CVSS base score 7.5

CVSS impact score 6.4

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

CVE-2010-0866:

CVSS base score 6.5

CVSS impact score 6.4

CVSS exploitability score 8.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

CVE-2010-1240:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2010-1297:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2011-2110:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2011-2140:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2011-2371:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2011-3544:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2011-3659:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2012-0500:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2012-0507:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2012-0779:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Detailed information

CVE-2006-0003: Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

CVE-2007-5659: Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.

CVE-2008-0655: Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

CVE-2008-2992: Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

CVE-2008-5353: The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects".

CVE-2009-0927: Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.

CVE-2009-3867: Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.

CVE-2009-4324: Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.

CVE-2010-0188: Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2010-0248: Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

CVE-2010-0840: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."

CVE-2010-0842: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.

CVE-2010-0866: Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-1240: Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message.

CVE-2010-1297: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

CVE-2011-2110: Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.

CVE-2011-2140: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.

CVE-2011-2371: Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.

CVE-2011-3544: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

CVE-2011-3659: Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.

CVE-2012-0500: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVE-2012-0507: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

CVE-2012-0779: Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012.

Affected systems

  • microsoft dataaccesscomponents 2.5
  • microsoft dataaccesscomponents 2.7
  • microsoft dataaccesscomponents 2.8
  • adobe acrobat 8.1.1
  • adobe acrobat_reader 8.1.1
  • adobe acrobat 3.0
  • adobe acrobat 3.1
  • adobe acrobat 4.0
  • adobe acrobat 4.0.5
  • adobe acrobat 4.0.5a
  • adobe acrobat 4.0.5c
  • adobe acrobat 5.0
  • adobe acrobat 5.0.5
  • adobe acrobat 5.0.6
  • adobe acrobat 5.0.10
  • adobe acrobat 6.0
  • adobe acrobat 6.0.1
  • adobe acrobat 6.0.2
  • adobe acrobat 6.0.3
  • adobe acrobat 6.0.4
  • adobe acrobat 6.0.5
  • adobe acrobat 6.0.6
  • adobe acrobat 7.0
  • adobe acrobat 7.0.1
  • adobe acrobat 7.0.2
  • adobe acrobat 7.0.3
  • adobe acrobat 7.0.4
  • adobe acrobat 7.0.5
  • adobe acrobat 7.0.6
  • adobe acrobat 7.0.7
  • adobe acrobat 7.0.8
  • adobe acrobat 7.0.9
  • adobe acrobat 7.1.0
  • adobe acrobat 7.1.1
  • adobe acrobat 7.1.2
  • adobe acrobat 7.1.3
  • adobe acrobat 7.1.4
  • adobe acrobat 8.0.0
  • adobe acrobat 8.1
  • adobe acrobat_reader 3.0
  • adobe acrobat_reader 3.01
  • adobe acrobat_reader 3.02
  • adobe acrobat_reader 4.0
  • adobe acrobat_reader 4.0.5
  • adobe acrobat_reader 4.0.5a
  • adobe acrobat_reader 4.0.5c
  • adobe acrobat_reader 4.5
  • adobe acrobat_reader 5.0
  • adobe acrobat_reader 5.0.5
  • adobe acrobat_reader 5.0.6
  • adobe acrobat_reader 5.0.7
  • adobe acrobat_reader 5.0.9
  • adobe acrobat_reader 5.0.10
  • adobe acrobat_reader 5.0.11
  • adobe acrobat_reader 5.1
  • adobe acrobat_reader 6.0
  • adobe acrobat_reader 6.0.1
  • adobe acrobat_reader 6.0.2
  • adobe acrobat_reader 6.0.3
  • adobe acrobat_reader 6.0.4
  • adobe acrobat_reader 6.0.5
  • adobe acrobat_reader 6.0.6
  • adobe acrobat_reader 7.0
  • adobe acrobat_reader 7.0.1
  • adobe acrobat_reader 7.0.2
  • adobe acrobat_reader 7.0.3
  • adobe acrobat_reader 7.0.4
  • adobe acrobat_reader 7.0.5
  • adobe acrobat_reader 7.0.6
  • adobe acrobat_reader 7.0.7
  • adobe acrobat_reader 7.0.8
  • adobe acrobat_reader 7.0.9
  • adobe acrobat_reader 7.1.0
  • adobe acrobat_reader 7.1.1
  • adobe acrobat_reader 7.1.2
  • adobe acrobat_reader 7.1.3
  • adobe acrobat_reader 7.1.4
  • adobe acrobat_reader 8.0
  • adobe acrobat_reader 8.1
  • adobe acrobat 8.1.2
  • adobe acrobat_reader 8.1.2
  • sun jdk 5.0
  • sun jdk 6
  • sun jre 1.4.2_1
  • sun jre 1.4.2_2
  • sun jre 1.4.2_3
  • sun jre 1.4.2_4
  • sun jre 1.4.2_5
  • sun jre 1.4.2_6
  • sun jre 1.4.2_7
  • sun jre 1.4.2_8
  • sun jre 1.4.2_9
  • sun jre 1.4.2_10
  • sun jre 1.4.2_11
  • sun jre 1.4.2_12
  • sun jre 1.4.2_13
  • sun jre 1.4.2_14
  • sun jre 1.4.2_15
  • sun jre 1.4.2_16
  • sun jre 1.4.2_17
  • sun jre 1.4.2_18
  • sun jre 5.0
  • sun jre 6
  • sun sdk 1.4.2_1
  • sun sdk 1.4.2_2
  • sun sdk 1.4.2_3
  • sun sdk 1.4.2_4
  • sun sdk 1.4.2_5
  • sun sdk 1.4.2_6
  • sun sdk 1.4.2_7
  • sun sdk 1.4.2_8
  • sun sdk 1.4.2_9
  • sun sdk 1.4.2_10
  • sun sdk 1.4.2_11
  • sun sdk 1.4.2_12
  • sun sdk 1.4.2_13
  • sun sdk 1.4.2_14
  • sun sdk 1.4.2_15
  • sun sdk 1.4.2_16
  • sun sdk 1.4.2_17
  • sun sdk 1.4.2_18
  • adobe acrobat 8.0
  • adobe acrobat 9.0
  • adobe reader 7.0.1
  • adobe reader 7.0.2
  • adobe reader 7.0.3
  • adobe reader 7.0.5
  • adobe reader 7.0.7
  • adobe reader 7.0.8
  • adobe reader 7.0.9
  • adobe reader 7.1.0
  • adobe reader 8.1.1
  • adobe reader 8.1.2
  • adobe reader 9.0
  • sun jdk 1.5.0
  • sun jdk 1.6.0
  • sun jre 1.3.1_01
  • sun jre 1.3.1_01a
  • sun jre 1.3.1_02
  • sun jre 1.3.1_03
  • sun jre 1.3.1_04
  • sun jre 1.3.1_05
  • sun jre 1.3.1_06
  • sun jre 1.3.1_07
  • sun jre 1.3.1_08
  • sun jre 1.3.1_09
  • sun jre 1.3.1_10
  • sun jre 1.3.1_11
  • sun jre 1.3.1_12
  • sun jre 1.3.1_13
  • sun jre 1.3.1_14
  • sun jre 1.3.1_15
  • sun jre 1.3.1_16
  • sun jre 1.3.1_17
  • sun jre 1.3.1_18
  • sun jre 1.3.1_19
  • sun jre 1.3.1_20
  • sun jre 1.3.1_21
  • sun jre 1.3.1_22
  • sun jre 1.3.1_23
  • sun jre 1.3.1_24
  • sun jre 1.3.1_25
  • sun jre 1.4.2_19
  • sun jre 1.4.2_20
  • sun jre 1.4.2_21
  • sun jre 1.4.2_22
  • sun jre 1.5.0
  • sun jre 1.6.0
  • sun sdk 1.3.1_01
  • sun sdk 1.3.1_01a
  • sun sdk 1.3.1_02
  • sun sdk 1.3.1_03
  • sun sdk 1.3.1_04
  • sun sdk 1.3.1_05
  • sun sdk 1.3.1_06
  • sun sdk 1.3.1_7
  • sun sdk 1.3.1_8
  • sun sdk 1.3.1_9
  • sun sdk 1.3.1_10
  • sun sdk 1.3.1_11
  • sun sdk 1.3.1_12
  • sun sdk 1.3.1_13
  • sun sdk 1.3.1_14
  • sun sdk 1.3.1_15
  • sun sdk 1.3.1_16
  • sun sdk 1.3.1_17
  • sun sdk 1.3.1_18
  • sun sdk 1.3.1_19
  • sun sdk 1.3.1_20
  • sun sdk 1.3.1_21
  • sun sdk 1.3.1_22
  • sun sdk 1.3.1_23
  • sun sdk 1.3.1_24
  • sun sdk 1.3.1_25
  • sun sdk 1.4.2_19
  • sun sdk 1.4.2_20
  • sun sdk 1.4.2_21
  • sun sdk 1.4.2_22
  • adobe acrobat_reader 9.0
  • adobe acrobat_reader 9.1
  • adobe acrobat_reader 9.2
  • adobe acrobat_reader 8.1.3
  • adobe acrobat_reader 8.1.4
  • adobe acrobat_reader 8.1.5
  • adobe acrobat_reader 8.1.6
  • adobe acrobat_reader 8.1.7
  • adobe acrobat_reader 9.1.1
  • adobe acrobat_reader 9.1.2
  • adobe acrobat_reader 9.1.3
  • adobe acrobat_reader 9.3
  • microsoft ie 6
  • microsoft ie 6.0
  • microsoft ie 6.00.2462.0000
  • microsoft ie 6.00.2479.0006
  • microsoft ie 6.0.2600
  • microsoft ie 6.00.2600.0000
  • microsoft ie 6.0.2800
  • microsoft ie 6.0.2800.1106
  • microsoft ie 6.0.2900
  • microsoft ie 6.0.2900.2180
  • microsoft ie 6.00.3663.0000
  • microsoft ie 6.00.3718.0000
  • microsoft ie 6.00.3790.0000
  • microsoft ie 6.00.3790.1830
  • microsoft ie 6.00.3790.3959
  • microsoft ie 7
  • microsoft ie 7.0
  • microsoft ie 7.0.5730
  • microsoft ie 7.0.5730.11
  • microsoft ie 7.00.5730.1100
  • microsoft ie 7.00.6000.16386
  • microsoft ie 7.00.6000.16441
  • microsoft ie 8
  • microsoft ie 8.0.6001
  • sun jre 1.4.2
  • sun jre 1.4.2_23
  • sun jre 1.4.2_24
  • sun jre 1.4.2_25
  • sun sdk 1.4.2
  • sun sdk 1.4.2_02
  • sun sdk 1.4.2_23
  • sun sdk 1.4.2_24
  • sun sdk 1.4.2_25
  • sun jdk 1.3.0
  • sun jdk 1.3.0_01
  • sun jdk 1.3.0_02
  • sun jdk 1.3.0_03
  • sun jdk 1.3.0_04
  • sun jdk 1.3.0_05
  • sun jdk 1.3.1
  • sun jdk 1.3.1_01
  • sun jdk 1.3.1_01a
  • sun jdk 1.3.1_02
  • sun jdk 1.3.1_03
  • sun jdk 1.3.1_04
  • sun jdk 1.3.1_05
  • sun jdk 1.3.1_06
  • sun jdk 1.3.1_07
  • sun jdk 1.3.1_08
  • sun jdk 1.3.1_09
  • sun jdk 1.3.1_10
  • sun jdk 1.3.1_11
  • sun jdk 1.3.1_12
  • sun jdk 1.3.1_13
  • sun jdk 1.3.1_14
  • sun jdk 1.3.1_15
  • sun jdk 1.3.1_16
  • sun jdk 1.3.1_17
  • sun jdk 1.3.1_18
  • sun jdk 1.3.1_19
  • sun jdk 1.3.1_20
  • sun jdk 1.3.1_21
  • sun jdk 1.3.1_22
  • sun jdk 1.3.1_23
  • sun jdk 1.3.1_24
  • sun jdk 1.3.1_25
  • sun jdk 1.3.1_26
  • sun jdk 1.3.1_27
  • sun jre 1.3.0
  • sun jre 1.3.1
  • sun jre 1.3.1_2
  • sun jre 1.3.1_26
  • sun jre 1.3.1_27
  • sun sdk 1.3.0
  • sun sdk 1.3.0_01
  • sun sdk 1.3.0_02
  • sun sdk 1.3.0_03
  • sun sdk 1.3.0_04
  • sun sdk 1.3.0_05
  • sun sdk 1.3.1
  • sun sdk 1.3.1_07
  • sun sdk 1.3.1_08
  • sun sdk 1.3.1_09
  • sun sdk 1.3.1_26
  • sun sdk 1.3.1_27
  • oracle database_server 11.1.0.7
  • oracle database_server 11.2.0.1
  • adobe acrobat_reader 9.3.1
  • adobe acrobat 9.1
  • adobe acrobat 9.1.1
  • adobe acrobat 9.1.2
  • adobe acrobat 9.1.3
  • adobe acrobat 9.2
  • adobe acrobat 9.3
  • adobe acrobat 9.3.1
  • adobe acrobat 9.3.2
  • adobe acrobat_reader 9.3.2
  • adobe flash_player 9.0.16
  • adobe flash_player 9.0.18d60
  • adobe flash_player 9.0.20
  • adobe flash_player 9.0.20.0
  • adobe flash_player 9.0.28
  • adobe flash_player 9.0.28.0
  • adobe flash_player 9.0.31
  • adobe flash_player 9.0.31.0
  • adobe flash_player 9.0.45.0
  • adobe flash_player 9.0.47.0
  • adobe flash_player 9.0.48.0
  • adobe flash_player 9.0.112.0
  • adobe flash_player 9.0.114.0
  • adobe flash_player 9.0.115.0
  • adobe flash_player 9.0.124.0
  • adobe flash_player 9.0.125.0
  • adobe flash_player 9.0.151.0
  • adobe flash_player 9.0.152.0
  • adobe flash_player 9.0.159.0
  • adobe flash_player 9.0.246.0
  • adobe flash_player 9.0.260.0
  • adobe flash_player 9.0.262.0
  • adobe flash_player 10.0.0.584
  • adobe flash_player 10.0.12.10
  • adobe flash_player 10.0.12.36
  • adobe flash_player 10.0.15.3
  • adobe flash_player 10.0.22.87
  • adobe flash_player 10.0.32.18
  • adobe flash_player 10.0.42.34
  • adobe flash_player 10.0.45.2
  • adobe flash_player 6.0.21.0
  • adobe flash_player 6.0.79
  • adobe flash_player 7
  • adobe flash_player 7.0
  • adobe flash_player 7.0.1
  • adobe flash_player 7.0.14.0
  • adobe flash_player 7.0.19.0
  • adobe flash_player 7.0.24.0
  • adobe flash_player 7.0.25
  • adobe flash_player 7.0.53.0
  • adobe flash_player 7.0.60.0
  • adobe flash_player 7.0.61.0
  • adobe flash_player 7.0.63
  • adobe flash_player 7.0.66.0
  • adobe flash_player 7.0.67.0
  • adobe flash_player 7.0.68.0
  • adobe flash_player 7.0.69.0
  • adobe flash_player 7.0.70.0
  • adobe flash_player 7.0.73.0
  • adobe flash_player 7.1
  • adobe flash_player 7.1.1
  • adobe flash_player 7.2
  • adobe flash_player 8
  • adobe flash_player 8.0
  • adobe flash_player 8.0.22.0
  • adobe flash_player 8.0.24.0
  • adobe flash_player 8.0.33.0
  • adobe flash_player 8.0.34.0
  • adobe flash_player 8.0.35.0
  • adobe flash_player 8.0.39.0
  • adobe flash_player 8.0.42.0
  • adobe flash_player 9
  • adobe flash_player 9.0.155.0
  • adobe flash_player 9.0.277.0
  • adobe flash_player 9.0.283.0
  • adobe flash_player 9.125.0
  • adobe flash_player 10.1.52.14.1
  • adobe flash_player 10.1.52.15
  • adobe flash_player 10.1.53.64
  • adobe flash_player 10.1.82.76
  • adobe flash_player 10.1.85.3
  • adobe flash_player 10.1.92.8
  • adobe flash_player 10.1.92.10
  • adobe flash_player 10.1.95.1
  • adobe flash_player 10.1.95.2
  • adobe flash_player 10.1.102.64
  • adobe flash_player 10.1.105.6
  • adobe flash_player 10.1.106.16
  • adobe flash_player 10.2.152
  • adobe flash_player 10.2.152.32
  • adobe flash_player 10.2.152.33
  • adobe flash_player 10.2.154.13
  • adobe flash_player 10.2.154.25
  • adobe flash_player 10.2.156.12
  • adobe flash_player 10.2.157.51
  • adobe flash_player 10.2.159.1
  • adobe flash_player 10.3.181.14
  • adobe flash_player 10.3.181.16
  • adobe flash_player 10.3.181.23
  • adobe flash_player 10.3.185.21
  • adobe flash_player 10.3.185.23
  • adobe adobe_air 1.0
  • adobe adobe_air 1.1
  • adobe adobe_air 1.5
  • adobe adobe_air 1.5.2
  • adobe adobe_air 1.5.3
  • adobe adobe_air 2.0.2
  • adobe adobe_air 2.0.3
  • adobe adobe_air 2.0.4
  • adobe adobe_air 2.6
  • adobe adobe_air 2.7
  • adobe flash_player 10.3.181.34
  • adobe flash_player 10.3.181.36
  • adobe flash_player 10.3.185.25
  • mozilla firefox 1.0
  • mozilla firefox 1.0.1
  • mozilla firefox 1.0.2
  • mozilla firefox 1.0.3
  • mozilla firefox 1.0.4
  • mozilla firefox 1.0.5
  • mozilla firefox 1.0.6
  • mozilla firefox 1.0.7
  • mozilla firefox 1.0.8
  • mozilla firefox 1.5
  • mozilla firefox 1.5.0.1
  • mozilla firefox 1.5.0.2
  • mozilla firefox 1.5.0.3
  • mozilla firefox 1.5.0.4
  • mozilla firefox 1.5.0.5
  • mozilla firefox 1.5.0.6
  • mozilla firefox 1.5.0.7
  • mozilla firefox 1.5.0.8
  • mozilla firefox 1.5.0.9
  • mozilla firefox 1.5.0.10
  • mozilla firefox 1.5.0.11
  • mozilla firefox 1.5.0.12
  • mozilla firefox 1.5.1
  • mozilla firefox 1.5.2
  • mozilla firefox 1.5.3
  • mozilla firefox 1.5.4
  • mozilla firefox 1.5.5
  • mozilla firefox 1.5.6
  • mozilla firefox 1.5.7
  • mozilla firefox 1.5.8
  • mozilla firefox 2.0
  • mozilla firefox 2.0.0.1
  • mozilla firefox 2.0.0.2
  • mozilla firefox 2.0.0.3
  • mozilla firefox 2.0.0.4
  • mozilla firefox 2.0.0.5
  • mozilla firefox 2.0.0.6
  • mozilla firefox 2.0.0.7
  • mozilla firefox 2.0.0.8
  • mozilla firefox 2.0.0.9
  • mozilla firefox 2.0.0.10
  • mozilla firefox 2.0.0.11
  • mozilla firefox 2.0.0.12
  • mozilla firefox 2.0.0.13
  • mozilla firefox 2.0.0.14
  • mozilla firefox 2.0.0.15
  • mozilla firefox 2.0.0.16
  • mozilla firefox 2.0.0.17
  • mozilla firefox 2.0.0.18
  • mozilla firefox 2.0.0.19
  • mozilla firefox 2.0.0.20
  • mozilla firefox 3.0
  • mozilla firefox 3.0.1
  • mozilla firefox 3.0.2
  • mozilla firefox 3.0.3
  • mozilla firefox 3.0.4
  • mozilla firefox 3.0.5
  • mozilla firefox 3.0.6
  • mozilla firefox 3.0.7
  • mozilla firefox 3.0.8
  • mozilla firefox 3.0.9
  • mozilla firefox 3.0.10
  • mozilla firefox 3.0.11
  • mozilla firefox 3.0.12
  • mozilla firefox 3.0.13
  • mozilla firefox 3.0.14
  • mozilla firefox 3.0.15
  • mozilla firefox 3.0.16
  • mozilla firefox 3.0.17
  • mozilla firefox 3.5
  • mozilla firefox 3.5.1
  • mozilla firefox 3.5.2
  • mozilla firefox 3.5.3
  • mozilla firefox 3.5.4
  • mozilla firefox 3.5.5
  • mozilla firefox 3.5.6
  • mozilla firefox 3.5.7
  • mozilla firefox 3.5.8
  • mozilla firefox 3.5.9
  • mozilla firefox 3.5.10
  • mozilla firefox 3.5.11
  • mozilla firefox 3.5.12
  • mozilla firefox 3.5.13
  • mozilla firefox 3.5.14
  • mozilla firefox 3.5.15
  • mozilla firefox 3.5.16
  • mozilla firefox 3.5.17
  • mozilla firefox 3.5.18
  • mozilla firefox 3.5.19
  • mozilla firefox 3.6
  • mozilla firefox 3.6.2
  • mozilla firefox 3.6.3
  • mozilla firefox 3.6.4
  • mozilla firefox 3.6.6
  • mozilla firefox 3.6.7
  • mozilla firefox 3.6.8
  • mozilla firefox 3.6.9
  • mozilla firefox 3.6.10
  • mozilla firefox 3.6.11
  • mozilla firefox 3.6.12
  • mozilla firefox 3.6.13
  • mozilla firefox 3.6.14
  • mozilla firefox 3.6.15
  • mozilla firefox 3.6.16
  • mozilla firefox 3.6.17
  • mozilla firefox 4.0
  • mozilla firefox 4.0.1
  • mozilla seamonkey 1.0
  • mozilla seamonkey 1.0.1
  • mozilla seamonkey 1.0.2
  • mozilla seamonkey 1.0.3
  • mozilla seamonkey 1.0.4
  • mozilla seamonkey 1.0.5
  • mozilla seamonkey 1.0.6
  • mozilla seamonkey 1.0.7
  • mozilla seamonkey 1.0.8
  • mozilla seamonkey 1.0.9
  • mozilla seamonkey 1.1
  • mozilla seamonkey 1.1.1
  • mozilla seamonkey 1.1.2
  • mozilla seamonkey 1.1.3
  • mozilla seamonkey 1.1.4
  • mozilla seamonkey 1.1.5
  • mozilla seamonkey 1.1.6
  • mozilla seamonkey 1.1.7
  • mozilla seamonkey 1.1.8
  • mozilla seamonkey 1.1.9
  • mozilla seamonkey 1.1.10
  • mozilla seamonkey 1.1.11
  • mozilla seamonkey 1.1.12
  • mozilla seamonkey 1.1.13
  • mozilla seamonkey 1.1.14
  • mozilla seamonkey 1.1.15
  • mozilla seamonkey 1.1.16
  • mozilla seamonkey 1.1.17
  • mozilla seamonkey 1.1.18
  • mozilla seamonkey 1.1.19
  • mozilla seamonkey 1.5.0.8
  • mozilla seamonkey 1.5.0.9
  • mozilla seamonkey 1.5.0.10
  • mozilla seamonkey 2.0
  • mozilla seamonkey 2.0.1
  • mozilla seamonkey 2.0.2
  • mozilla seamonkey 2.0.3
  • mozilla seamonkey 2.0.4
  • mozilla seamonkey 2.0.5
  • mozilla seamonkey 2.0.6
  • mozilla seamonkey 2.0.7
  • mozilla seamonkey 2.0.8
  • mozilla seamonkey 2.0.9
  • mozilla seamonkey 2.0.10
  • mozilla seamonkey 2.0.11
  • mozilla seamonkey 2.0.12
  • mozilla seamonkey 2.0.13
  • mozilla seamonkey 2.0.14
  • mozilla thunderbird 0.1
  • mozilla thunderbird 0.2
  • mozilla thunderbird 0.3
  • mozilla thunderbird 0.4
  • mozilla thunderbird 0.5
  • mozilla thunderbird 0.6
  • mozilla thunderbird 0.7
  • mozilla thunderbird 0.7.1
  • mozilla thunderbird 0.7.2
  • mozilla thunderbird 0.7.3
  • mozilla thunderbird 0.8
  • mozilla thunderbird 0.9
  • mozilla thunderbird 1.0
  • mozilla thunderbird 1.0.1
  • mozilla thunderbird 1.0.2
  • mozilla thunderbird 1.0.3
  • mozilla thunderbird 1.0.4
  • mozilla thunderbird 1.0.5
  • mozilla thunderbird 1.0.6
  • mozilla thunderbird 1.0.7
  • mozilla thunderbird 1.0.8
  • mozilla thunderbird 1.5
  • mozilla thunderbird 1.5.0.1
  • mozilla thunderbird 1.5.0.2
  • mozilla thunderbird 1.5.0.3
  • mozilla thunderbird 1.5.0.4
  • mozilla thunderbird 1.5.0.5
  • mozilla thunderbird 1.5.0.6
  • mozilla thunderbird 1.5.0.7
  • mozilla thunderbird 1.5.0.8
  • mozilla thunderbird 1.5.0.9
  • mozilla thunderbird 1.5.0.10
  • mozilla thunderbird 1.5.0.11
  • mozilla thunderbird 1.5.0.12
  • mozilla thunderbird 1.5.0.13
  • mozilla thunderbird 1.5.0.14
  • mozilla thunderbird 1.5.1
  • mozilla thunderbird 1.5.2
  • mozilla thunderbird 1.7.1
  • mozilla thunderbird 1.7.3
  • mozilla thunderbird 2.0
  • mozilla thunderbird 2.0.0.0
  • mozilla thunderbird 2.0.0.1
  • mozilla thunderbird 2.0.0.2
  • mozilla thunderbird 2.0.0.3
  • mozilla thunderbird 2.0.0.4
  • mozilla thunderbird 2.0.0.5
  • mozilla thunderbird 2.0.0.6
  • mozilla thunderbird 2.0.0.7
  • mozilla thunderbird 2.0.0.8
  • mozilla thunderbird 2.0.0.9
  • mozilla thunderbird 2.0.0.12
  • mozilla thunderbird 2.0.0.14
  • mozilla thunderbird 2.0.0.16
  • mozilla thunderbird 2.0.0.17
  • mozilla thunderbird 2.0.0.18
  • mozilla thunderbird 2.0.0.19
  • mozilla thunderbird 2.0.0.21
  • mozilla thunderbird 2.0.0.22
  • mozilla thunderbird 2.0.0.23
  • mozilla thunderbird 3.0
  • mozilla thunderbird 3.0.1
  • mozilla thunderbird 3.0.2
  • mozilla thunderbird 3.0.3
  • mozilla thunderbird 3.0.4
  • mozilla thunderbird 3.0.5
  • mozilla thunderbird 3.0.6
  • mozilla thunderbird 3.0.7
  • mozilla thunderbird 3.0.8
  • mozilla thunderbird 3.0.9
  • mozilla thunderbird 3.0.10
  • mozilla thunderbird 3.0.11
  • mozilla thunderbird 3.1
  • mozilla thunderbird 3.1.1
  • mozilla thunderbird 3.1.2
  • mozilla thunderbird 3.1.3
  • mozilla thunderbird 3.1.4
  • mozilla thunderbird 3.1.5
  • mozilla thunderbird 3.1.6
  • mozilla thunderbird 3.1.7
  • mozilla thunderbird 3.1.8
  • mozilla thunderbird 3.1.9
  • mozilla thunderbird 3.1.10
  • sun jdk 1.7.0
  • sun jre 1.7.0
  • mozilla firefox 0.1
  • mozilla firefox 0.2
  • mozilla firefox 0.3
  • mozilla firefox 0.4
  • mozilla firefox 0.5
  • mozilla firefox 0.6
  • mozilla firefox 0.6.1
  • mozilla firefox 0.7
  • mozilla firefox 0.7.1
  • mozilla firefox 0.8
  • mozilla firefox 0.9
  • mozilla firefox 0.9.1
  • mozilla firefox 0.9.2
  • mozilla firefox 0.9.3
  • mozilla firefox 0.10
  • mozilla firefox 0.10.1
  • mozilla firefox 1.4.1
  • mozilla firefox 1.8
  • mozilla firefox 3.6.18
  • mozilla firefox 3.6.19
  • mozilla firefox 3.6.20
  • mozilla firefox 3.6.21
  • mozilla firefox 3.6.22
  • mozilla firefox 3.6.23
  • mozilla firefox 3.6.24
  • mozilla firefox 3.6.25
  • mozilla firefox 5.0
  • mozilla firefox 5.0.1
  • mozilla firefox 6.0
  • mozilla firefox 6.0.1
  • mozilla firefox 6.0.2
  • mozilla firefox 7.0
  • mozilla firefox 8.0
  • mozilla firefox 8.0.1
  • mozilla firefox 9.0
  • mozilla seamonkey 2.1
  • mozilla seamonkey 2.2
  • mozilla seamonkey 2.3
  • mozilla seamonkey 2.3.1
  • mozilla seamonkey 2.3.2
  • mozilla seamonkey 2.3.3
  • mozilla seamonkey 2.4
  • mozilla seamonkey 2.4.1
  • mozilla seamonkey 2.5
  • mozilla seamonkey 2.6
  • mozilla seamonkey 2.6.1
  • mozilla seamonkey 2.7
  • mozilla thunderbird 2.0.0.11
  • mozilla thunderbird 2.0.0.13
  • mozilla thunderbird 2.0.0.15
  • mozilla thunderbird 2.0.0.20
  • mozilla thunderbird 3.1.11
  • mozilla thunderbird 3.1.12
  • mozilla thunderbird 3.1.13
  • mozilla thunderbird 3.1.14
  • mozilla thunderbird 3.1.15
  • mozilla thunderbird 3.1.16
  • mozilla thunderbird 3.1.17
  • mozilla thunderbird 5.0
  • mozilla thunderbird 6.0
  • mozilla thunderbird 6.0.1
  • mozilla thunderbird 6.0.2
  • mozilla thunderbird 7.0
  • mozilla thunderbird 8.0
  • mozilla thunderbird 9.0
  • oracle javafx 1.2
  • oracle javafx 1.2.2
  • oracle javafx 1.2.3
  • oracle javafx 1.3.0
  • oracle javafx 1.3.1
  • oracle javafx 2.0
  • oracle javafx 2.0.2
  • oracle jre 1.6.0
  • oracle jre 1.7.0
  • adobe flash_player 9.0.8.0
  • adobe flash_player 9.0.9.0
  • adobe flash_player 9.0.280
  • adobe flash_player 10.0.2.54
  • adobe flash_player 10.1
  • adobe flash_player 10.1.52.14
  • adobe flash_player 10.2.152.26
  • adobe flash_player 10.2.153.1
  • adobe flash_player 10.3.181.22
  • adobe flash_player 10.3.181.26
  • adobe flash_player 10.3.183.5
  • adobe flash_player 10.3.183.7
  • adobe flash_player 10.3.183.10
  • adobe flash_player 10.3.183.11
  • adobe flash_player 10.3.183.15
  • adobe flash_player 10.3.183.16
  • adobe flash_player 10.3.183.18
  • adobe flash_player 10.3.185.22
  • adobe flash_player 11.0
  • adobe flash_player 11.0.1.152
  • adobe flash_player 11.0.1.153
  • adobe flash_player 11.1
  • adobe flash_player 11.1.102.55
  • adobe flash_player 11.1.102.62
  • adobe flash_player 11.1.102.63
  • adobe flash_player 11.1.111.8
  • adobe flash_player 11.1.115.7
  • adobe flash_player 11.2.202.228
  • adobe flash_player 11.2.202.233

Ease of attack

CVE-2006-0003:

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

CVE-2007-5659:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2008-0655:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2008-2992:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2008-5353:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2009-0927:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2009-3867:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2009-4324:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2010-0188:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2010-0248:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2010-0840:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2010-0842:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2010-0866:

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

CVE-2010-1240:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2010-1297:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2011-2110:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2011-2140:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2011-2371:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2011-3544:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2011-3659:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2012-0500:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2012-0507:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2012-0779:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References