Summary
The host is running Adobe Flash Media Server (FMS), and is prone to video streaming vulnerability.
Impact
Successful attack could lead to capture and archive delivered video.
Impact Level: Application
Solution
Upgrade Adobe Flash Media Server version 3.0.5 or later, For updates refer to http://www.adobe.com/products/flashmediaserver/
Insight
The security issue is that it is possible to establish RTMPE/RTMPTE sessions to Flash Media Server when SWF verification is not enabled.
Affected
Adobe Flash Media Server 3.0 and prior on Windows.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-5109 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
- Adobe Reader Plugin Signature Bypass Vulnerability (Linux)
- Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)
- Adobe Reader Plugin Signature Bypass Vulnerability (Windows)