Home > Vulnerability Database > CVE-2008-3873

Mend.io Vulnerability Database

CVE-2008-3873

Date: August 29, 2008

The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as exploited in the wild in August 2008.

Severity Score

3.7

Related Resources (25)

Url: http://secunia.com/advisories/34226

Url: http://www.vupen.com/english/advisories/2008/2838

Url: http://www.redhat.com/support/errata/RHSA-2008-0980.html

Url: http://blogs.zdnet.com/security/?p=1733

Url: http://security.gentoo.org/glsa/glsa-200903-23.xml

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/44584

Url: http://blogs.adobe.com/psirt/2008/08/clipboard_attack.html

Url: http://blogs.zdnet.com/security/?p=1759

Url: http://secunia.com/advisories/32702

Url: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid=

Url: http://secunia.com/advisories/32448

Url: http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1

Url: http://www.adobe.com/support/security/bulletins/apsb08-18.html

Url: http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

Url: http://secunia.com/advisories/32759

Url: http://www.redhat.com/support/errata/RHSA-2008-0945.html

Url: http://www.securityfocus.com/bid/31117

Url: http://secunia.com/advisories/33390

Url: http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

Url: http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-3873

Url: http://securitytracker.com/id?1020724

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-3873

Url: https://www.mend.io/vulnerability-database/CVE-2008-3873

Severity Score

3.7

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2008-3873

Date: August 29, 2008

Severity Score

Related Resources (25)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?