Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a file:// base in a web document, or (3) a relative URL from a web archive (mht file).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Flash_player | Macromedia | 6.0.29.0 | 6.0.29.0 |
Flash_player | Macromedia | 6.0 | 6.0 |
Shockwave | Macromedia | 8.0 | 8.0 |
Flash_player | Macromedia | 6.0.40.0 | 6.0.40.0 |