Vulnerabilities

CVE-2008-1654

by Fred · 02/04/2008

Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the primary DNS server.

Date published : 2008-04-02

http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

http://www.securityfocus.com/bid/28696

Similar

Tags: Cybersecurity Alert