CVE-2003-1017

Macromedia Flash Player <7.0.19.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1017. PoCs published by Mindwarper.

AI-analyzed exploit summary This is a writeup describing a vulnerability in Macromedia Flash Player where Flash cookies (.sol files) are stored in a predictable location, allowing potential exploitation via file:// URIs and script injection in the Local Zone context. The issue affects versions prior to 7.0.19.0 and requires guessing the local username.

Description

Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mindwarper · textremotewindows
https://www.exploit-db.com/exploits/23298

This is a writeup describing a vulnerability in Macromedia Flash Player where Flash cookies (.sol files) are stored in a predictable location, allowing potential exploitation via file:// URIs and script injection in the Local Zone context. The issue affects versions prior to 7.0.19.0 and requires guessing the local username.

Classification
Writeup 90%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Macromedia Flash Player < 7.0.19.0
No auth needed
Prerequisites: Knowledge of the victim's local username · Victim interaction to store malicious .sol file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/14013
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8900

Scores

EPSS 0.0300
EPSS Percentile 85.7%

Details

Status published
Products (10)
macromedia/director 5.0
macromedia/flash_player 4.0_r12
macromedia/flash_player 5.0
macromedia/flash_player 5.0_r50
macromedia/flash_player 6.0
macromedia/flash_player 6.0.29.0
macromedia/flash_player 6.0.40.0
macromedia/flash_player 6.0.47.0
macromedia/flash_player 6.0.65.0
macromedia/flash_player 6.0.79.0
Published Jan 05, 2004
Tracked Since Feb 18, 2026