Unrated severityNVD Advisory· Published Oct 9, 2008· Updated Jun 16, 2026
CVE-2008-4503
CVE-2008-4503
Description
The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=9.0.124.0
- cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:linux:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0_r67:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0_r67:*:solaris:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8:*:professional:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
- (no CPE)range: <=9.0.124.0
Patches
Vulnerability mechanics
References
21- www.adobe.com/support/security/bulletins/apsb08-18.htmlnvdPatchVendor Advisory
- secunia.com/advisories/32163nvdVendor Advisory
- www.adobe.com/support/security/advisories/apsa08-08.htmlnvdVendor Advisory
- blog.guya.net/2008/10/07/malicious-camera-spying-using-clickjacking/nvd
- ha.ckers.org/blog/20081007/clickjacking-details/nvd
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlnvd
- secunia.com/advisories/32448nvd
- secunia.com/advisories/32702nvd
- secunia.com/advisories/32759nvd
- secunia.com/advisories/33390nvd
- secunia.com/advisories/34226nvd
- security.gentoo.org/glsa/glsa-200903-23.xmlnvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2008-440.htmnvd
- support.avaya.com/elmodocs2/security/ASA-2009-020.htmnvd
- www.redhat.com/support/errata/RHSA-2008-0945.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0980.htmlnvd
- www.securityfocus.com/bid/31625nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/2764nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45721nvd
News mentions
0No linked articles in our index yet.