Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

Adobe Flash Player sandbox protection bypass
updated since 10.08.2007
Published: 24.12.2007
Source: BUGTRAQ
SecurityVulns ID: 8028
Type: client
Level: 5/10
Description: SecurityErrorEvent can be used for client ports scanning.

Affected: ADOBE : Flash Player 9.0
CVE: CVE-2007-4324 (ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not.)

Original document SECURITEAM, [EXPL] Socket Connection Timing Can Reveal Information About Network Configuration (Exploit) (24.12.2007)

fukami, Design flaw in AS3 socket handling allows port probing (10.08.2007)

Files: Flash 9 AS3 TCP-Portprober
Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)