VYPR
Unrated severityNVD Advisory· Published Aug 14, 2007· Updated Jun 16, 2026

CVE-2007-4324

CVE-2007-4324

Description

ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not. NOTE: 9.0.115.0 introduces support for a workaround, but does not fix the vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=9.0.114.0
    • (no CPE)range: <=9.0.124.0

Patches

Vulnerability mechanics

References

35

News mentions

0

No linked articles in our index yet.