CVE-2003-1017

Macromedia Flash Player <7.0.19.0 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1017. PoCs published by Mindwarper.

AI-analyzed exploit summary This is a writeup describing a vulnerability in Macromedia Flash Player where Flash cookies (.sol files) are stored in a predictable location, allowing potential exploitation via file:// URIs and script injection in the Local Zone context. The issue affects versions prior to 7.0.19.0 and requires guessing the local username.

Description

Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Mindwarper · textremotewindows

https://www.exploit-db.com/exploits/23298

View Code ZIP pw:eip

This is a writeup describing a vulnerability in Macromedia Flash Player where Flash cookies (.sol files) are stored in a predictable location, allowing potential exploitation via file:// URIs and script injection in the Local Zone context. The issue affects versions prior to 7.0.19.0 and requires guessing the local username.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Macromedia Flash Player < 7.0.19.0

No auth needed

Prerequisites: Knowledge of the victim's local username · Victim interaction to store malicious .sol file

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Patch, Vendor Advisory x_refsource_confirm

http://www.macromedia.com/devnet/security/security_zone/mpsb03-08.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/14013

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/8900

Scores

EPSS 0.0300

EPSS Percentile 85.7%

Details

Status published

Products (10)

macromedia/director 5.0

macromedia/flash_player 4.0_r12

macromedia/flash_player 5.0

macromedia/flash_player 5.0_r50

macromedia/flash_player 6.0

macromedia/flash_player 6.0.29.0

macromedia/flash_player 6.0.40.0

macromedia/flash_player 6.0.47.0

macromedia/flash_player 6.0.65.0

macromedia/flash_player 6.0.79.0

Published Jan 05, 2004

Tracked Since Feb 18, 2026