CVE-2008-4503

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to clickjacking.

Affected Software

Name	Vendor	Start Version	End Version
Flash_player	Adobe	*	9.0.124.0 (including)
Flash_player	Adobe	7.0 (including)	7.0 (including)
Flash_player	Adobe	7.0.1 (including)	7.0.1 (including)
Flash_player	Adobe	7.0.25 (including)	7.0.25 (including)
Flash_player	Adobe	7.0.63 (including)	7.0.63 (including)
Flash_player	Adobe	7.0.69.0 (including)	7.0.69.0 (including)
Flash_player	Adobe	7.0.70.0 (including)	7.0.70.0 (including)
Flash_player	Adobe	7.0_r67 (including)	7.0_r67 (including)
Flash_player	Adobe	7.1 (including)	7.1 (including)
Flash_player	Adobe	7.1.1 (including)	7.1.1 (including)
Flash_player	Adobe	7.2 (including)	7.2 (including)
Flash_player	Adobe	8 (including)	8 (including)
Flash_player	Adobe	8.0 (including)	8.0 (including)
Flash_player	Adobe	8.0.24.0 (including)	8.0.24.0 (including)
Flash_player	Adobe	8.0.34.0 (including)	8.0.34.0 (including)
Flash_player	Adobe	8.0.35.0 (including)	8.0.35.0 (including)
Flash_player	Adobe	8.0.39.0 (including)	8.0.39.0 (including)
Flash_player	Adobe	9.0 (including)	9.0 (including)
Flash_player	Adobe	9.0.114.0 (including)	9.0.114.0 (including)
Flash_player	Adobe	9.0.115.0 (including)	9.0.115.0 (including)
Extras for RHEL 3	RedHat	flash-plugin-0:9.0.151.0-1.el3.with.oss	*
Extras for RHEL 4	RedHat	flash-plugin-0:9.0.151.0-1.el4	*
Supplementary for Red Hat Enterprise Linux 5	RedHat	flash-plugin-0:10.0.12.36-2.el5	*
Flashplugin-nonfree	Ubuntu	dapper	*
Flashplugin-nonfree	Ubuntu	feisty	*
Flashplugin-nonfree	Ubuntu	gutsy	*
Flashplugin-nonfree	Ubuntu	hardy	*
Flashplugin-nonfree	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4503
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References