CVE-2007-2022

CVSS V2 Medium 6.8 CVSS V3 None
Description
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
Overview
  • CVE ID
  • CVE-2007-2022
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2007-04-13T18:19:00
  • Last Modified Date
  • 2017-10-11T01:32:05
Weakness Enumerations
CWE URL
CWE-200 http://cwe.mitre.org/data/definitions/200.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.54:update1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.54:update2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.0:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.0:beta3:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.53:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.0:beta1:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:opera:opera_browser:9.12:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 6.8
  • Severity
  • MEDIUM
  • Exploitability Score
  • 8.6
  • Impact Score
  • 6.4
References
Reference URL Reference Tags
http://www.adobe.com/support/security/advisories/apsa07-03.html
http://www.opera.com/support/search/view/858/
http://www.securityfocus.com/bid/23437
http://www.securitytracker.com/id?1017903
http://secunia.com/advisories/24877 Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_28_opera.html
http://secunia.com/advisories/25027 Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb07-12.html Vendor Advisory
https://issues.rpath.com/browse/RPL-1462
http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:138
http://www.redhat.com/support/errata/RHSA-2007-0494.html
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://www.novell.com/linux/security/advisories/2007_12_sr.html
http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html
http://www.us-cert.gov/cas/techalerts/TA07-192A.html US Government Resource
http://secunia.com/advisories/25432 Vendor Advisory
http://secunia.com/advisories/25662 Vendor Advisory
http://secunia.com/advisories/25669 Vendor Advisory
http://secunia.com/advisories/25894 Vendor Advisory
http://secunia.com/advisories/25933 Vendor Advisory
http://secunia.com/advisories/26027 Vendor Advisory
http://secunia.com/advisories/26118 Vendor Advisory
http://secunia.com/advisories/26357 Vendor Advisory
http://secunia.com/advisories/26860 Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1
http://secunia.com/advisories/28068 Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1
http://www.vupen.com/english/advisories/2007/2497 Vendor Advisory
http://www.vupen.com/english/advisories/2007/1361 Vendor Advisory
http://www.vupen.com/english/advisories/2007/4190 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33595
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2007-2022
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022
History
Created Old Value New Value Data Type Notes
2022-05-10 18:58:40 Added to TrackCVE