JVN#72595280
Flash Player allows to send arbitrary Referer headers
Overview
Adobe Flash Player contains a vulnerability allowing to send arbitrary Referer headers.
Products Affected
- Flash Player 8.0.34.0 and earlier
Description
Adobe Flash Player is a multimedia and application browser plugin for viewing Adobe Flash contents.
Flash Player contains a vulnerability allowing to send arbitrary Referer headers.
Impact
As a flash file (swf) can send an arbitrary Referer header and Flash Player cannot properly validate Referer header sent by swf, a remote attacker could bypass a security measure on a web application applied based on the Referer header.
Solution
Update the Software
Update to the latest version provided by the vendor.
For more information, refer to the vendor's website.
Vendor Status
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2007.07.11
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | Routed - can be attacked over the Internet using packets |
|
| Authentication | None - anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file |
|
| Exploit Complexity | Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls) |
|
Credit
Daiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory |
TA07-192A |
| CPNI Advisory | |
| TRnotes | |
| CVE |
CVE-2007-3457 VU#138457 |
| JVN iPedia |
JVNDB-2007-000507 |