CVE-2008-1201
Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 - Remote Code Execution via Crafted FLA File
Title source: llmDescription
Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 on Windows allow user-assisted remote attackers to execute arbitrary code via a crafted .FLA file.
References (8)
Core 8
Core References
Vendor Advisory x_refsource_misc
http://www.fortiguardcenter.com/advisory/FGA-2008-07.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29455
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28349
Various Sources x_refsource_misc
http://ruder.cdut.net/blogview.asp?logID=241
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41327
Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/advisories/apsa08-03.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0948/references
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019681
Scores
EPSS
0.1968
EPSS Percentile
97.1%
Details
CWE
CWE-94
Status
published
Products (2)
adobe/flash
basic 8
adobe/flash
professional 8 (2 CPE variants)
Published
Mar 24, 2008
Tracked Since
Feb 18, 2026