Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-2022

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

Published

2007-04-13T18:19:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses

Type: Primary
CWE-200

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	adobe	flash_player	7.0.25	Yes
Application	adobe	flash_player	8.0	Yes
Application	adobe	flash_player	9.0.18d60	Yes
Application	adobe	flash_player	9.0.20	Yes
Application	adobe	flash_player	9.0.28	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.0	Yes
Application	opera	opera_browser	5.02	Yes
Application	opera	opera_browser	5.10	Yes
Application	opera	opera_browser	5.11	Yes
Application	opera	opera_browser	5.12	Yes
Application	opera	opera_browser	6.0	Yes
Application	opera	opera_browser	6.0	Yes
Application	opera	opera_browser	6.0	Yes
Application	opera	opera_browser	6.0	Yes
Application	opera	opera_browser	6.0	Yes
Application	opera	opera_browser	6.0	Yes
Application	opera	opera_browser	6.1	Yes
Application	opera	opera_browser	6.01	Yes
Application	opera	opera_browser	6.1	Yes
Application	opera	opera_browser	6.02	Yes
Application	opera	opera_browser	6.03	Yes
Application	opera	opera_browser	6.04	Yes
Application	opera	opera_browser	6.05	Yes
Application	opera	opera_browser	6.06	Yes
Application	opera	opera_browser	6.11	Yes
Application	opera	opera_browser	6.12	Yes
Application	opera	opera_browser	7.0	Yes
Application	opera	opera_browser	7.0	Yes
Application	opera	opera_browser	7.0	Yes
Application	opera	opera_browser	7.0	Yes
Application	opera	opera_browser	7.01	Yes
Application	opera	opera_browser	7.02	Yes
Application	opera	opera_browser	7.03	Yes
Application	opera	opera_browser	7.10	Yes
Application	opera	opera_browser	7.10	Yes
Application	opera	opera_browser	7.11	Yes
Application	opera	opera_browser	7.11	Yes
Application	opera	opera_browser	7.20	Yes
Application	opera	opera_browser	7.20	Yes
Application	opera	opera_browser	7.21	Yes
Application	opera	opera_browser	7.22	Yes
Application	opera	opera_browser	7.23	Yes
Application	opera	opera_browser	7.50	Yes
Application	opera	opera_browser	7.50	Yes
Application	opera	opera_browser	7.51	Yes
Application	opera	opera_browser	7.52	Yes
Application	opera	opera_browser	7.53	Yes
Application	opera	opera_browser	7.54	Yes
Application	opera	opera_browser	7.54	Yes
Application	opera	opera_browser	7.54	Yes
Application	opera	opera_browser	7.60	Yes
Application	opera	opera_browser	8.0	Yes
Application	opera	opera_browser	8.0	Yes
Application	opera	opera_browser	8.0	Yes
Application	opera	opera_browser	8.0	Yes
Application	opera	opera_browser	8.01	Yes
Application	opera	opera_browser	8.02	Yes
Application	opera	opera_browser	8.50	Yes
Application	opera	opera_browser	8.51	Yes
Application	opera	opera_browser	8.52	Yes
Application	opera	opera_browser	8.53	Yes
Application	opera	opera_browser	8.54	Yes
Application	opera	opera_browser	9.0	Yes
Application	opera	opera_browser	9.0	Yes
Application	opera	opera_browser	9.0	Yes
Application	opera	opera_browser	9.01	Yes
Application	opera	opera_browser	9.02	Yes
Application	opera	opera_browser	9.10	Yes
Application	opera	opera_browser	9.12	Yes

References

ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc ([email protected])
http://secunia.com/advisories/24877 Vendor Advisory ([email protected])
http://secunia.com/advisories/25027 Vendor Advisory ([email protected])
http://secunia.com/advisories/25432 Vendor Advisory ([email protected])
http://secunia.com/advisories/25662 Vendor Advisory ([email protected])
http://secunia.com/advisories/25669 Vendor Advisory ([email protected])
http://secunia.com/advisories/25894 Vendor Advisory ([email protected])
http://secunia.com/advisories/25933 Vendor Advisory ([email protected])
http://secunia.com/advisories/26027 Vendor Advisory ([email protected])
http://secunia.com/advisories/26118 Vendor Advisory ([email protected])
http://secunia.com/advisories/26357 Vendor Advisory ([email protected])
http://secunia.com/advisories/26860 Vendor Advisory ([email protected])
http://secunia.com/advisories/28068 Vendor Advisory ([email protected])
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1 ([email protected])
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1 ([email protected])
http://www.adobe.com/support/security/advisories/apsa07-03.html ([email protected])
http://www.adobe.com/support/security/bulletins/apsb07-12.html Vendor Advisory ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2007:138 ([email protected])
http://www.novell.com/linux/security/advisories/2007_12_sr.html ([email protected])
http://www.novell.com/linux/security/advisories/2007_28_opera.html ([email protected])
http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html ([email protected])
http://www.opera.com/support/search/view/858/ ([email protected])
http://www.redhat.com/support/errata/RHSA-2007-0494.html ([email protected])
http://www.securityfocus.com/bid/23437 ([email protected])
http://www.securitytracker.com/id?1017903 ([email protected])
http://www.us-cert.gov/cas/techalerts/TA07-192A.html US Government Resource ([email protected])
http://www.vupen.com/english/advisories/2007/1361 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2007/2497 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2007/4190 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/33595 ([email protected])
https://issues.rpath.com/browse/RPL-1462 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332 ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24877 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25027 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25432 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25662 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25669 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25894 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/25933 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26027 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26118 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26357 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/26860 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/28068 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1 (af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/advisories/apsa07-03.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb07-12.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:138 (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_12_sr.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_28_opera.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/support/search/view/858/ (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0494.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/23437 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1017903 (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA07-192A.html US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/1361 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/2497 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/4190 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33595 (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-1462 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332 (af854a3a-2127-422b-91ae-364da2661108)