CVE-2008-1834

swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict local file access from untrusted sandboxes, which allows remote attackers to read arbitrary files via a crafted Flash file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:swfdec:swfdec:*:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.5.90:*:*:*:*:*:*:*
cpe:2.3:a:swfdec:swfdec:0.6.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-04-16 16:05

Updated : 2024-02-04 17:33


NVD link : CVE-2008-1834

Mitre link : CVE-2008-1834

CVE.ORG link : CVE-2008-1834


JSON object : View

Products Affected

swfdec

  • swfdec
CWE
CWE-264

Permissions, Privileges, and Access Controls