~wgrant/ubuntu-cve-tracker/mainold

« back to all changes in this revision

Viewing changes to active/CVE-2008-1654

• browse files at revision 1093
• compare with another revision
• download diff
• download tarball
• view history from revision 1093

Show diffs side-by-side

added

removed

active/CVE-2008-1654

 

1

Candidate: CVE-2008-1654

 

2

References:

 

3

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1654

 

4

Description:

 

5

 Interaction error between Adobe Flash and multiple Universal Plug and Play

 

6

 (UPnP) services allow remote attackers to perform Cross-Site Request

 

7

 Forgery (CSRF) style attacks by using the Flash navigateToURL function to

 

8

 send a SOAP message to a UPnP control point, as demonstrated by changing

 

9

 the primary DNS server.

 

10

Ubuntu-Description:

 

11

Notes:

 

12

Bugs:

 

13

Priority: untriaged

 

14

Discovered-by:

 

15

Assigned-to:

 

16

 

 

17

Patches_flashplugin-nonfree:

 

18

upstream_flashplugin-nonfree: needs-triage

 

19

dapper_flashplugin-nonfree: needs-triage

 

20

edgy_flashplugin-nonfree: needs-triage

 

21

feisty_flashplugin-nonfree: needs-triage

 

22

gutsy_flashplugin-nonfree: needs-triage

 

23

devel_flashplugin-nonfree: needs-triage

• Older »

Loggerhead is a web-based interface for Breezy
Version: 2.0.1