CVE-2008-4818

N/A Unknown

Published: November 10, 2008 Modified: April 23, 2026

Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving HTTP response headers.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html

Source: cve@mitre.org

http://secunia.com/advisories/32702

Source: cve@mitre.org

http://secunia.com/advisories/33179

Source: cve@mitre.org

http://secunia.com/advisories/33390

Source: cve@mitre.org

http://secunia.com/advisories/34226

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200903-23.xml

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1

Source: cve@mitre.org

http://support.apple.com/kb/HT3338

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

Source: cve@mitre.org

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

Source: cve@mitre.org

http://www.adobe.com/support/security/bulletins/apsb08-20.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-0980.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/32129

Source: cve@mitre.org

Patch

http://www.securitytracker.com/id?1021146

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA08-350A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2008/3444

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46531

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html