CVE-2008-5499

Adobe Flash Player ActionScript Launch Command Execution Vulnerability

Title source: metasploit

Description

Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/18761

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by 0a29406d9794e4f9b30b3c5d6702c708 · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb

View Code ZIP pw:eip

References (13)

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00006.html

[Vendor Advisory] http://secunia.com/advisories/33294

[Patch, Vendor Advisory] http://www.adobe.com/support/security/bulletins/apsb08-24.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2008-1047.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47445

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/32896

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200903-23.xml

[Third Party Advisory, VDB Entry] http://osvdb.org/50796

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021458

[Third Party Advisory] http://secunia.com/advisories/33221

[Third Party Advisory] http://secunia.com/advisories/33267

[Third Party Advisory] http://secunia.com/advisories/34226

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/3449

Scores

EPSS 0.9058

EPSS Percentile 99.6%

Details

CWE

CWE-94

Status published

Products (6)

adobe/flash_player_for_linux 9.0.31

adobe/flash_player_for_linux 9.0.48.0

adobe/flash_player_for_linux 9.0.115.0

adobe/flash_player_for_linux 9.0.124.0

adobe/flash_player_for_linux 10.0.12.36

adobe/flash_player_for_linux < 9.0.151.0

Published Dec 18, 2008

Tracked Since Feb 18, 2026