Unrated severityNVD Advisory· Published Dec 20, 2007· Updated Jun 16, 2026
CVE-2007-6243
CVE-2007-6243
Description
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=9.0.48.0
- (no CPE)range: <=9.0.48.0, <=8.0.35.0, <=7.0.70.0
Patches
Vulnerability mechanics
References
41- secunia.com/advisories/28213nvdVendor Advisory
- secunia.com/advisories/29763nvdVendor Advisory
- secunia.com/advisories/29865nvdVendor Advisory
- secunia.com/advisories/30430nvdVendor Advisory
- secunia.com/advisories/30507nvdVendor Advisory
- secunia.com/advisories/32448nvdVendor Advisory
- secunia.com/advisories/32702nvdVendor Advisory
- secunia.com/advisories/32759nvdVendor Advisory
- secunia.com/advisories/33390nvdVendor Advisory
- www.adobe.com/support/security/bulletins/apsb07-20.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/935737nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA07-355A.htmlnvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA08-100A.htmlnvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA08-150A.htmlnvdUS Government Resource
- jvn.jp/jp/JVN%2345675516/index.htmlnvd
- lists.apple.com/archives/security-announce/2008//May/msg00001.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvd
- secunia.com/advisories/28161nvd
- secunia.com/advisories/28570nvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2008-440.htmnvd
- support.avaya.com/elmodocs2/security/ASA-2009-020.htmnvd
- support.nortel.com/go/main.jspnvd
- www.adobe.com/devnet/flashplayer/articles/fplayer9_security.htmlnvd
- www.adobe.com/support/security/bulletins/apsb08-11.htmlnvd
- www.gentoo.org/security/en/glsa/glsa-200801-07.xmlnvd
- www.gentoo.org/security/en/glsa/glsa-200804-21.xmlnvd
- www.redhat.com/support/errata/RHSA-2008-0221.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0945.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0980.htmlnvd
- www.securityfocus.com/bid/26929nvd
- www.securityfocus.com/bid/26966nvd
- www.vupen.com/english/advisories/2007/4258nvd
- www.vupen.com/english/advisories/2008/1697nvd
- www.vupen.com/english/advisories/2008/1724/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/39129nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11069nvd
News mentions
0No linked articles in our index yet.